CVE-2015-7551

{"id": "CVE-2015-7551", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.5}]}, "published": "2016-03-24T01:59:03.370", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796344", "source": "secalert@redhat.com"}, {"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796551", "source": "secalert@redhat.com"}, {"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "source": "secalert@redhat.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/76060", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2018:0583", "source": "secalert@redhat.com"}, {"url": "https://github.com/ruby/ruby/commit/339e11a7f178312d937b7c95dd3115ce7236597a", "source": "secalert@redhat.com"}, {"url": "https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7551.html", "source": "secalert@redhat.com"}, {"url": "https://puppet.com/security/cve/ruby-dec-2015-security-fixes", "source": "secalert@redhat.com"}, {"url": "https://support.apple.com/HT206167", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression."}, {"lang": "es", "value": "La implementaci\u00f3n Fiddle::Handle en ext/fiddle/handle.c en Ruby en versiones anteriores a 2.0.0-p648, 2.1 en versiones anteriores a 2.1.8 y 2.2 en versiones anteriores a 2.2.4, seg\u00fan se distribuye en Apple OS X en versiones anteriores a 10.11.4 y otros productos, no maneja correctamente el tainting, lo que permite a atacantes dependientes del contexto ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una cadena manipulada, relacionado con el m\u00f3dulo DL y la librer\u00eda libffi. NOTA: esta vulnerabilidad existe por una regresi\u00f3n de CVE-2009-5147."}], "lastModified": "2018-03-28T01:29:03.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82", "versionEndIncluding": "10.11.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7B036EA-235A-41A7-9CEB-3FA9C49FFDA8", "versionEndIncluding": "2.0.0-p647"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85A846FF-DD34-4DD6-BD61-09124C145E97"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DF046E4-503B-4A10-BEAB-3144BD86EA49"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FCA45F1-3038-413A-B8C3-EE366A4E6248"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF6AF5E3-4EB8-48A3-B8E9-C79C08C38994"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AE2B154-8126-4A38-BAB6-915207764FC0"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "808FA8BE-71FC-4ADD-BDEA-637E8DF4E899"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "523417A8-F62B-48AF-B60B-CE9A200D4A9A"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAB1E0F8-F9B0-40E9-892E-C62729525CE5"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8F103B7-0E70-4490-9802-2CD6034E240B"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35D36707-03B7-437C-B21D-A27D5C530117"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FCCD8F3-E667-42F2-9861-14EDFB16583A"}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F3CEF46-C95D-493B-A99B-7C90FDF27B47"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}