Vulnerability Details : CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue."
Vulnerability category: Execute codeDenial of service
Products affected by CVE-2011-0188
- cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.2:dev:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:1.9:r18423:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-0188
2.85%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-0188
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2011-0188
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-0188
-
http://www.redhat.com/support/errata/RHSA-2011-0909.html
Support
-
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/bigdecimal/bigdecimal.c?r1=29364&r2=30993
ViewVC ExceptionPatch;Vendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:098
mandriva.com
-
http://support.apple.com/kb/HT4581
About the security content of Mac OS X v10.6.7 and Security Update 2011-001 - Apple SupportPatch
-
https://bugzilla.redhat.com/show_bug.cgi?id=682332
682332 – (CVE-2011-0188) CVE-2011-0188 ruby: memory corruption in BigDecimal on 64bit platformsPatch
-
http://www.redhat.com/support/errata/RHSA-2011-0908.html
Support
-
http://www.redhat.com/support/errata/RHSA-2011-0910.html
Support
-
http://www.securitytracker.com/id?1025236
Ruby 64-bit BigDecimal Integer Truncation Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.mandriva.com/security/advisories?name=MDVSA-2011:097
mandriva.com
-
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
Apple - Lists.apple.comPatch;Vendor Advisory
Jump to