CVE-2009-4124

Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third party information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*

History

No history.

Information

Published : 2009-12-11 16:30

Updated : 2024-02-04 17:33


NVD link : CVE-2009-4124

Mitre link : CVE-2009-4124

CVE.ORG link : CVE-2009-4124


JSON object : View

Products Affected

ruby-lang

  • ruby
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer