NVD

Id
51272  
Name
CVE-2009-4124  
Description
Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-12-11  
Modified Date
2009-12-19  
Seq
2009-4124  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
260026 51272 CVE-2009-4124 http://www.ruby-lang.org/en/news/2009/12/07/heap-overflow-in-string/  View
260027 51272 CVE-2009-4124 37278  View
260028 51272 CVE-2009-4124 ADV-2009-3471  View
260029 51272 CVE-2009-4124 ruby-rbstrjustify-bo(54674)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
45489 JVNDB-2009-006496 Ruby の string.c におけるヒープベースのバッファオーバーフローの脆弱性 Ruby の string.c の rb_str_justify 関数は、以下に関する処理に不備があるため、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2009-4124 41555 CVE-2009-4124 51272 10 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-006496.html 2009-12-11 2012-12-20 View