CVE-2011-0188

MEDIUM

Description

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue."

References

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

http://support.apple.com/kb/HT4581

http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/bigdecimal/bigdecimal.c?r1=29364&r2=30993

http://www.mandriva.com/security/advisories?name=MDVSA-2011:097

http://www.mandriva.com/security/advisories?name=MDVSA-2011:098

http://www.redhat.com/support/errata/RHSA-2011-0908.html

http://www.redhat.com/support/errata/RHSA-2011-0909.html

http://www.redhat.com/support/errata/RHSA-2011-0910.html

http://www.securitytracker.com/id?1025236

https://bugzilla.redhat.com/show_bug.cgi?id=682332

Details

Source: MITRE

Published: 2011-03-23

Updated: 2011-08-24

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM