CVE-2016-2336
N/A
N/A
Summary
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. Attacker passing different type of object than this assumed by developers can cause arbitrary code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ruby | Ruby | 2.3.0 dev | affected |
| Ruby | Ruby | 2.2.2 | affected |
Weaknesses
- type confusion
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.