15 Sep 2017
CVE-2017-0898 - CVE Vulnerability
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap. (CVSS:0.0) (Last Update:2017-09-21)
Vulnerability Details : Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a precious specifier (*) with a huge minus value. Such situation can lead to a buffer overrun, resulting in a heap memory corruption or an information disclosure from the heap. Publish Date : 2017-09-15 Last Update Date : 2017-09-21 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-0898
- References For CVE-2017-0898
| ||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-0898There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |