FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ruby -- heap overflow vulnerability

Affected packages
1.9.1,1 <= ruby <,1


VuXML ID eab8c3bd-e50c-11de-9cd0-001a926c7637
Discovery 2009-11-30
Entry 2009-12-09

The official ruby site reports:

There is a heap overflow vulnerability in String#ljust, String#center and String#rjust. This has allowed an attacker to run arbitrary code in some rare cases.


CVE Name CVE-2009-4124