CVE-2016-2337 in Rubyinformazioni

Riassunto

di MITRE

Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Fonti

Interested in the pricing of exploits?

See the underground prices here!