CVE-2011-0188

MEDIUM

Description

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue."

References

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

http://support.apple.com/kb/HT4581

http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/trunk/ext/bigdecimal/bigdecimal.c?r1=29364&r2=30993

http://www.mandriva.com/security/advisories?name=MDVSA-2011:097

http://www.mandriva.com/security/advisories?name=MDVSA-2011:098

http://www.redhat.com/support/errata/RHSA-2011-0908.html

http://www.redhat.com/support/errata/RHSA-2011-0909.html

http://www.redhat.com/support/errata/RHSA-2011-0910.html

http://www.securitytracker.com/id?1025236

https://bugzilla.redhat.com/show_bug.cgi?id=682332

Details

Source: MITRE

Published: 2011-03-23

Updated: 2011-08-24

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:ruby-lang:ruby:1.9:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9:r18423:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.0:r18423:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.0-0:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.0-1:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.0-2:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.0-20060415:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.0-20070709:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-p0:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-p129:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-p243:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-p376:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-p429:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-preview_2:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc1:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.1:-rc2:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:1.9.2:dev:*:*:*:*:*:*

cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.6.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.6.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.6.6:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.6.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.6.5:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.6.6:*:*:*:*:*:*:*

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 83907 | Debian DLA-235-1 : ruby1.9.1 security update | Nessus | Debian Local Security Checks | medium |
| 82233 | Debian DLA-88-1 : ruby1.8 security update | Nessus | Debian Local Security Checks | high |
| 79980 | GLSA-201412-27 : Ruby: Denial of Service | Nessus | Gentoo Local Security Checks | high |
| 76014 | openSUSE Security Update : ruby (openSUSE-SU-2011:0556-1) | Nessus | SuSE Local Security Checks | medium |
| 75729 | openSUSE Security Update : ruby (openSUSE-SU-2011:0561-1) | Nessus | SuSE Local Security Checks | medium |
| 68299 | Oracle Linux 6 : ruby (ELSA-2011-0910) | Nessus | Oracle Linux Local Security Checks | medium |
| 68298 | Oracle Linux 5 : ruby (ELSA-2011-0909) | Nessus | Oracle Linux Local Security Checks | medium |
| 68297 | Oracle Linux 4 : ruby (ELSA-2011-0908) | Nessus | Oracle Linux Local Security Checks | medium |
| 67085 | CentOS 5 : ruby (CESA-2011:0909) | Nessus | CentOS Local Security Checks | medium |
| 61077 | Scientific Linux Security Update : ruby on SL6.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 61076 | Scientific Linux Security Update : ruby on SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 61075 | Scientific Linux Security Update : ruby on SL4.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | medium |
| 58146 | Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : ruby1.8 vulnerabilities (USN-1377-1) | Nessus | Ubuntu Local Security Checks | high |
| 57253 | SuSE 10 Security Update : ruby (ZYPP Patch Number 7528) | Nessus | SuSE Local Security Checks | medium |
| 55837 | CentOS 4 : ruby (CESA-2011:0908) | Nessus | CentOS Local Security Checks | medium |
| 55452 | RHEL 6 : ruby (RHSA-2011:0910) | Nessus | Red Hat Local Security Checks | medium |
| 55451 | RHEL 5 : ruby (RHSA-2011:0909) | Nessus | Red Hat Local Security Checks | medium |
| 55450 | RHEL 4 : ruby (RHSA-2011:0908) | Nessus | Red Hat Local Security Checks | medium |
| 54921 | SuSE 11.1 Security Update : ruby (SAT Patch Number 4585) | Nessus | SuSE Local Security Checks | medium |
| 54626 | Mandriva Linux Security Advisory : ruby (MDVSA-2011:097) | Nessus | Mandriva Local Security Checks | medium |
| 52754 | Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | high |
| 52753 | Mac OS X Multiple Vulnerabilities (Security Update 2011-001) | Nessus | MacOS X Local Security Checks | high |
| 800796 | Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities | Log Correlation Engine | Operating System Detection | high |
| 5826 | Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities | Nessus Network Monitor | Generic | critical |