2 matches found
The vulnerability in the WIN32OLE methods ole_invoke and ole_query_interface of the Ruby interpreter allows a malicious actor to execute arbitrary code.
The vulnerability in the WIN32OLE methods oleinvoke and olequeryinterface of the Ruby interpreter arises due to incorrect checking of the returned value from these methods or functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Ruby WIN32OLE Class Arbitrary Code Execution Vulnerability
Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. An arbitrary code execution vulnerability exists in the 'oleinvoke' and 'olequeryinterface' methods of the WIN32OLE class in Ruby versions 2.3.0 dev and...