{"containers": {"cna": {"affected": [{"product": "Ruby", "vendor": "Ruby", "versions": [{"status": "affected", "version": "2.3.0 dev"}, {"status": "affected", "version": "2.2.2"}]}, {"product": "Tcl/Tk", "vendor": "Tcl", "versions": [{"status": "affected", "version": "8.6 or later"}]}], "datePublic": "2016-06-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "type confusion", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-08-28T09:57:01.000Z", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"}, {"name": "91233", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/91233"}, {"name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"}, {"name": "GLSA-201710-18", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201710-18"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2016-2337", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Ruby", "version": {"version_data": [{"version_value": "2.3.0 dev"}, {"version_value": "2.2.2"}]}}]}, "vendor_name": "Ruby"}, {"product": {"product_data": [{"product_name": "Tcl/Tk", "version": {"version_data": [{"version_value": "8.6 or later"}]}}]}, "vendor_name": "Tcl"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "type confusion"}]}]}, "references": {"reference_data": [{"name": "http://www.talosintelligence.com/reports/TALOS-2016-0031/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"}, {"name": "91233", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91233"}, {"name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"}, {"name": "GLSA-201710-18", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-18"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:24:49.158Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"}, {"name": "91233", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/91233"}, {"name": "[debian-lts-announce] 20180827 [SECURITY] [DLA 1480-1] ruby2.1 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"}, {"name": "GLSA-201710-18", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201710-18"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-2337", "datePublished": "2017-01-06T21:00:00.000Z", "dateReserved": "2016-02-12T00:00:00.000Z", "dateUpdated": "2024-08-05T23:24:49.158Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ruby-lang:ruby:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5FCCD8F3-E667-42F2-9861-14EDFB16583A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ruby-lang:ruby:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "822307DD-7F7D-44C2-9C4B-CB8704663410", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution."}, {"lang": "es", "value": "Existe un tipo de confusi\u00f3n en el m\u00e9todo de clase _cancel_eval Ruby's TclTkIp. El atacante que pasa un tipo diferente de objeto que una String como argumento \"retval\" puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/843.html\">CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')</a>", "id": "CVE-2016-2337", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-06T21:59:00.460", "references": [{"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/91233"}, {"source": "cret@cert.org", "tags": ["Exploit", "Technical Description", "Third Party Advisory", "VDB Entry"], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"}, {"source": "cret@cert.org", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"}, {"source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201710-18"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/91233"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Technical Description", "Third Party Advisory", "VDB Entry"], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0031/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00028.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201710-18"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "ruby: TclTkIp ip_cancel_eval type confusion vulnerability", "id": "1412680", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412680"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-843", "details": ["Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as \"retval\" argument can cause arbitrary code execution."], "name": "CVE-2016-2337", "package_state": [{"cpe": "cpe:/a:redhat:cloudforms_managementengine:5", "fix_state": "Will not fix", "package_name": "rh-ruby22-ruby", "product_name": "CloudForms Management Engine 5"}, {"cpe": "cpe:/a:redhat:cloudforms_managementengine:5", "fix_state": "Will not fix", "package_name": "ruby-200-ruby", "product_name": "CloudForms Management Engine 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "ruby", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "ruby", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "ruby", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Will not fix", "package_name": "rh-ruby22-ruby", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Will not fix", "package_name": "rh-ruby23-ruby", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Will not fix", "package_name": "ruby200-ruby", "product_name": "Red Hat Software Collections"}], "public_date": "2016-06-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-2337\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-2337"], "statement": "Red Hat Product Security has rated this issue as having Moderate security\nimpact. This issue is not currently planned to be addressed in future\nupdates. For additional information, refer to the Issue Severity\nClassification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Moderate"}

{}