Late last week, Drew Yao of Apple Product Security apparently discovered several vulnerabilities in multiple versions of Ruby that could allow attackers to execute arbitrary code or create a denial of service condition.
The vulnerabilities stemmed from unchecked overflow conditions in several array-handling routines, and from an unsafe memory allocation in Ruby's string processing. The Ruby maintainers have since released patches for these vulnerabilities. Vulnerable versions include:
- 1.8.4 and all prior versions
- 1.8.5-p230 and all prior versions
- 1.8.6-p229 and all prior versions
- 1.8.7-p21 and all prior versions
- 1.9.0-1 and all prior versions
Patches are available here:
http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
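As an added example (not part of the original announcement or the Ruby project's code), the following Ruby snippet turns the vulnerable-version list above into an inventory check: it parses a version string with its patchlevel and reports whether it falls inside one of the affected ranges. It assumes the "-1" in "1.9.0-1" can be compared like a patch number, and that a bare series string without a patchlevel predates the fixed releases.

```ruby
# Added example: check a Ruby version/patchlevel pair against the affected
# ranges listed in the advisory above. Thresholds come from that list.

# Highest affected patchlevel for each listed series. 1.8.4 and earlier are
# handled separately because every patchlevel of those is affected.
VULNERABLE_THRESHOLDS = {
  [1, 8, 5] => 230,
  [1, 8, 6] => 229,
  [1, 8, 7] => 21,
  [1, 9, 0] => 1, # assumption: the "-1" in "1.9.0-1" is compared like a patch field
}.freeze

# Parse strings such as "1.8.6-p229", "1.9.0-1" or "1.8.4".
# Returns [[major, minor, teeny], patch_or_nil].
def parse_ruby_version(str)
  m = /\A(\d+)\.(\d+)\.(\d+)(?:-p?(\d+))?\z/.match(str.strip)
  raise ArgumentError, "unrecognised version string: #{str.inspect}" unless m
  [[m[1].to_i, m[2].to_i, m[3].to_i], m[4] && m[4].to_i]
end

# true if the given version falls inside one of the advisory's affected ranges.
def vulnerable_ruby?(str)
  triple, patch = parse_ruby_version(str)
  # Anything at or below 1.8.4 is affected regardless of patchlevel.
  return true if (triple <=> [1, 8, 4]) <= 0
  threshold = VULNERABLE_THRESHOLDS[triple]
  # Series not listed (1.8.8, 1.9.1, 2.x, ...) postdate the advisory.
  return false if threshold.nil?
  # Assumption: a listed series with no patch field predates the fixed
  # releases, so it is treated as affected.
  patch.nil? || patch <= threshold
end

# Convenience check for the interpreter running this script. Development
# builds report RUBY_PATCHLEVEL as -1, so fall back to the bare version then.
def running_ruby_vulnerable?
  str = RUBY_PATCHLEVEL.to_i >= 0 ? "#{RUBY_VERSION}-p#{RUBY_PATCHLEVEL}" : RUBY_VERSION
  vulnerable_ruby?(str)
end

puts "this interpreter (#{RUBY_VERSION}-p#{RUBY_PATCHLEVEL}) affected: #{running_ruby_vulnerable?}" if $PROGRAM_NAME == __FILE__
```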