EUVD-2016-3420

Malware in sbrugna...

SUSE CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

Ruby WIN32OLE ole_invoke and ole_query_interface Type Confusion Vulnerabilities(CVE-2016-2336)

DESCRIPTION Type Confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution. TESTED VERSIONS Ruby 2.3.0 dev Ruby 2.2.2 PRODUCT URLs https://www.ruby-lang.or...

The vulnerability in the WIN32OLE methods ole_invoke and ole_query_interface of the Ruby interpreter allows a malicious actor to execute arbitrary code.

The vulnerability in the WIN32OLE methods oleinvoke and olequeryinterface of the Ruby interpreter arises due to incorrect checking of the returned value from these methods or functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

Type confusion

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

CVE-2016-2336

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

CVE-2016-2336

Removed by vendor...

CVE-2016-2336

CVE-2016-2336 : Type confusion exists in two methods of Ruby’s WIN32OLE class, ole_invoke and ole_query_interface . Attacker-supplied objects of unexpected types can trigger arbitrary code execution, as noted in multiple connected records. The vulnerability affects Ruby’s WIN32OLE interactions, w...

Type confusion exists in ole_invoke and ole_query_interface methods of Ruby's WIN32OLE class

Type confusion exists in two methods of Ruby's WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution...

Ruby WIN32OLE Class Arbitrary Code Execution Vulnerability

Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. An arbitrary code execution vulnerability exists in the 'oleinvoke' and 'olequeryinterface' methods of the WIN32OLE class in Ruby versions 2.3.0 dev and...

Ruby WIN32OLE ole_invoke and ole_query_interface Type Confusion Vulnerabilities

Talos Vulnerability Report TALOS-2016-0029 Ruby WIN32OLE oleinvoke and olequeryinterface Type Confusion Vulnerabilities June 14, 2016 CVE Number CVE-2016-2336 DESCRIPTION Type Confusion exists in two methods of Ruby’s WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different typ...