Lucene search
Ubuntu.comUB:CVE-2009-4124HistoryDec 11, 2009 - 12:00 a.m.
CVE-2009-4124
2009-12-1100:00:00
ubuntu.com
ubuntu.com
7
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.6%
Heap-based buffer overflow in the rb_str_justify function in string.c in
Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute
arbitrary code via unspecified vectors involving (1) String#ljust, (2)
String#center, or (3) String#rjust. NOTE: some of these details are
obtained from third party information.
Notes
| Author | Note |
|---|---|
| mdeslaur | upstream says 1.8 is not affected |
Related
nessus
nessus
FreeBSD : ruby -- heap overflow vulnerability (eab8c3bd-e50c-11de-9cd0-001a926c7637)
2009-12-10 00:00:00
Ubuntu 8.10 / 9.04 / 9.10 : ruby1.9 vulnerabilities (USN-900-1)
2010-02-17 00:00:00
seebug
seebug
Ruby "rb_str_justify()"ηΌε²εΊζΊ’εΊζΌζ΄
2009-12-15 00:00:00
cve
cve
CVE-2009-4124
2009-12-11 16:30:00
altlinux
altlinux
Security fix for the ALT Linux 5 package ruby version 1.9.1-alt1.r26040.1
2009-12-29 00:00:00
Security fix for the ALT Linux 5 package ruby version 1.9.1-alt1.r26040
2009-12-09 00:00:00
openvas
openvas
Ruby Interpreter Heap Overflow Vulnerability (Windows) - Dec09
2009-12-23 00:00:00
FreeBSD Ports: ruby
2009-12-14 00:00:00
Ruby Interpreter Heap Overflow Vulnerability (Dec 2009) - Windows
2009-12-23 00:00:00
freebsd
freebsd
ruby -- heap overflow vulnerability
2009-11-30 00:00:00
prion
prion
Heap overflow
2009-12-11 16:30:00
rubygems
rubygems
ubuntu
ubuntu
Ruby vulnerabilities
2010-02-16 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.6%
Related for UB:CVE-2009-4124