CVE-2016-2337 in Ruby정보

요약

\~에 의해 MITRE

Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

출처

Interested in the pricing of exploits?

See the underground prices here!