The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue."
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2011-03-22 19:00
Updated : 2011-08-23 20:15
NVD link : CVE-2011-0188
Mitre link : CVE-2011-0188
JSON object : View
CWE
CWE-189
Numeric Errors
Products Affected
apple
- mac_os_x
- mac_os_x_server
ruby-lang
- ruby