CVE-2016-2336

Published: 1/6/2017 Last updated: 8/5/2024 Reserved: 2/12/2016

Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke and ole_query_interface. An attacker passing a different type of object than the one assumed by the developers can cause arbitrary code execution.

CNA assigner: certcc (37e5125f-f79b-445b-8fad-9564f167944b) Requested by: n/a

Opam packages affected (1)

conf-ruby

Products affected (1)

Product Vendor Version
Ruby Ruby <= 6.2.*

References (2)