Ruby 'rb_str_justify()' Heap Based Buffer Overflow Vulnerability

Bugtraq ID: 37278
Class: Boundary Condition Error
CVE: CVE-2009-4124
Remote: Yes
Local: Yes
Published: Dec 07 2009 12:00AM
Updated: Feb 16 2010 06:51PM
Credit: Emmanouel Kellinis, KPMG London
Vulnerable: Yukihiro Matsumoto Ruby 1.9.1
Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 9.04 sparc
Ubuntu Ubuntu Linux 9.04 powerpc
Ubuntu Ubuntu Linux 9.04 lpia
Ubuntu Ubuntu Linux 9.04 i386
Ubuntu Ubuntu Linux 9.04 amd64
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 lpia
Ubuntu Ubuntu Linux 8.10 i386
Ubuntu Ubuntu Linux 8.10 amd64
Not Vulnerable: Yukihiro Matsumoto Ruby 1.9.1 -p376


 

Privacy Statement
Copyright 2010, SecurityFocus