CVE-2016-2339

CVE-2016-2339

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "arg_types" allocation is made based on args array length. Specially constructed object passed as element of args array can increase this array size after mentioned allocation and cause heap overflow.

Source: CVE-2016-2339

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다