Lucene search
UbuntuUSN-1602-1HistoryOct 10, 2012 - 12:00 a.m.
Ruby vulnerabilities
2012-10-1000:00:00
ubuntu.com
42
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
Low
EPSS
0.004
Percentile
74.7%
Releases
- Ubuntu 12.04
Packages
- ruby1.9.1 - Interpreter of object-oriented scripting language Ruby
Details
Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted
strings to be modified in protective safe levels. An attacker could use this
flaw to bypass intended access restrictions. (CVE-2012-4464, CVE-2012-4466)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | libruby1.9.1 | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libruby1.9.1-dbg | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libtcltk-ruby1.9.1 | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | ruby1.9.1 | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | ruby1.9.1-dev | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
Related
freebsd
freebsd
ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s
2012-08-21 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : ruby1.9.1 vulnerabilities (USN-1602-1)
2012-10-11 00:00:00
Fedora 17 : ruby-1.9.3.194-17.fc17 (2012-15395)
2012-10-15 00:00:00
Fedora 18 : ruby-1.9.3.194-18.fc18 (2012-15376)
2012-10-09 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: ruby-1.9.3.194-18.fc18
2012-10-09 00:29:34
[SECURITY] Fedora 17 Update: ruby-1.9.3.194-17.fc17
2012-10-14 03:50:48
[SECURITY] Fedora 17 Update: ruby-1.9.3.286-18.fc17
2012-10-22 01:59:29
openvas
openvas
Fedora Update for ruby FEDORA-2012-15395
2012-10-16 00:00:00
FreeBSD Ports: ruby
2012-11-26 00:00:00
Ubuntu: Security Advisory (USN-1602-1)
2012-10-11 00:00:00
prion
prion
Design/Logic Flaw
2013-04-25 23:55:00
Code injection
2013-04-25 23:55:00
nvd
nvd
CVE-2012-4464
2013-04-25 23:55:01
CVE-2012-4466
2013-04-25 23:55:01
cve
cve
CVE-2012-4464
2013-04-25 23:55:01
CVE-2012-4466
2013-04-25 23:55:01
ubuntu
ubuntu
Ruby vulnerabilities
2012-10-23 00:00:00
Ruby vulnerabilities
2012-10-23 00:00:00
Ruby vulnerabilities
2012-10-10 00:00:00
cvelist
cvelist
CVE-2012-4464
2013-04-25 23:00:00
CVE-2012-4466
2013-04-25 23:00:00
ubuntucve
ubuntucve
CVE-2012-4464
2012-10-03 00:00:00
CVE-2012-4466
2012-10-03 00:00:00
veracode
veracode
Authorization Bypass
2019-05-02 04:53:42
Authorization Bypass
2019-05-02 04:53:43
securityvulns
securityvulns
Ruby restrictions bypass
2012-10-15 00:00:00
[USN-1603-1] Ruby vulnerabilities
2012-10-15 00:00:00
seebug
seebug
Ruby 安全级别限制绕过漏洞(CVE-2012-4466)
2013-04-28 00:00:00
amazon
amazon
Medium: ruby
2012-10-23 10:43:00
rubygems
rubygems
Ruby Exception#to_s / NameError#to_s Methods Safe Level Security Bypass
2012-10-11 20:00:00
redhat
redhat
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
Low
EPSS
0.004
Percentile
74.7%
Related for USN-1602-1