Ruby Interpreter Heap Overflow Vulnerability (Windows) - Dec09

Summary
This host is installed with Ruby Interpreter and is prone to Heap Overflow vulnerability.
Impact
Successful exploitation will let the attacker execute arbitrary code, corrupt the heap area to execute the crafted malicious shellcode into the system registers to take control over the remote machine.
Solution
Apply the patch, ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.tar.bz2 ***** NOTE: Please ignore this warning if the patch is applied. *****
Insight
The flaw is due to improper sanitization check while processing user supplied input data to the buffer inside 'String#ljust', 'String#center' and 'String#rjust' methods.
Affected
Ruby Interpreter version 1.9.1 before 1.9.1 Patchlevel 376
References