1
Candidate: CVE-2016-2336
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2336
5
http://www.talosintelligence.com/reports/TALOS-2016-0029/
7
Type confusion exists in two methods of Ruby's WIN32OLE class, ole_invoke
8
and ole_query_interface. Attacker passing different type of object than
9
this assumed by developers can cause arbitrary code execution.
12
mdeslaur> win32ole not in binary package
19
upstream_ruby2.3: needs-triage
22
vivid/stable-phone-overlay_ruby2.3: DNE
23
vivid/ubuntu-core_ruby2.3: DNE
24
xenial_ruby2.3: not-affected
25
yakkety_ruby2.3: not-affected
26
devel_ruby2.3: not-affected