Emmanouel Kellinis

#10180of 53,633
27.1Total CVSS
Vulnerabilities · 4
Medium
3
High
1
PT-2009-6301
10
2009-12-11
Ruby · Ruby · CVE-2009-4124
**Name of the Vulnerable Software and Affected Versions** Ruby versions 1.9.1 before 1.9.1-p376 **Description** The issue is a heap-based buffer overflow in the `rb str justify` function, allowing context-dependent attackers to execute arbitrary code. This can be achieved via unspecified vectors involving the `String#ljust`, `String#center`, or `String#rjust` functions. **Recommendations** For Ruby versions 1.9.1 before 1.9.1-p376, update to version 1.9.1-p376 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `String#ljust`, `String#center`, and `String#rjust` functions until a patch is applied.
PT-2009-5957
4.3
2009-10-14
Google · Android · CVE-2009-3698
**Name of the Vulnerable Software and Affected Versions** Android versions 1.5 and earlier **Description** The issue is related to an unspecified function in the Dalvik API, allowing remote attackers to cause a denial of service, which results in a system process restart, via a crafted application. **Recommendations** For Android versions 1.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-3496
6.4
2009-04-06
Vmware · Vmware Host Guest File System · CVE-2009-0908
**Name of the Vulnerable Software and Affected Versions** VMware ACE versions 2.5.1 and earlier **Description** The issue concerns an unspecified vulnerability in the ACE shared folders implementation within the VMware Host Guest File System (HGFS) shared folders feature. This vulnerability allows attackers to enable a disabled shared folder. **Recommendations** For versions 2.5.1 and earlier, consider disabling the HGFS shared folders feature until a patch is available. Restrict access to shared folders to minimize the risk of exploitation.
PT-2006-2818
6.4
2006-04-18
Digium · Asterisk · CVE-2006-1827
**Name of the Vulnerable Software and Affected Versions** Asterisk versions 1.2.6 and earlier **Description** The issue is caused by an integer signedness error in the format jpeg.c file, which allows remote attackers to execute arbitrary code. This is achieved by providing a length value that passes a length check as a negative number but triggers a buffer overflow when used as an unsigned length. **Recommendations** For Asterisk versions 1.2.6 and earlier, update to a version later than 1.2.6 to resolve the issue.