PT-2017-2447 · Ruby · Ruby

Published: 2017-01-06 · Updated: 2025-04-20 · CVE-2016-2336

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Ruby (affected versions not specified)

Description: The issue is related to type confusion in the WIN32OLE class of Ruby, specifically in the ole_invoke and ole_query_interface methods. This occurs when an attacker passes a different type of object than what is assumed by the developers, potentially leading to arbitrary code execution. The vulnerability is caused by incorrect checking of the return value of a method or function, which can be exploited by a remote attacker to execute arbitrary code.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Unchecked Return Value

Weakness Enumeration

Related Identifiers

BDU:2017-01652
CVE-2016-2336

Affected Products

Ruby