Lucene search
UbuntuUSN-1602-1HistoryOct 10, 2012 - 12:00 a.m.
Ruby vulnerabilities
2012-10-1000:00:00
ubuntu.com
36
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.7%
Releases
- Ubuntu 12.04
Packages
- ruby1.9.1 - Interpreter of object-oriented scripting language Ruby
Details
Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted
strings to be modified in protective safe levels. An attacker could use this
flaw to bypass intended access restrictions. (CVE-2012-4464, CVE-2012-4466)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | libruby1.9.1 | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libruby1.9.1-dbg | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libtcltk-ruby1.9.1 | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | ruby1.9.1 | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | ruby1.9.1-dev | < 1.9.3.0-1ubuntu2.3 | UNKNOWN |
Related
freebsd
freebsd
ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s
2012-08-21 00:00:00
nessus
nessus
Ubuntu 12.04 LTS : ruby1.9.1 vulnerabilities (USN-1602-1)
2012-10-11 00:00:00
Fedora 17 : ruby-1.9.3.194-17.fc17 (2012-15395)
2012-10-15 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: ruby-1.9.3.194-18.fc18
2012-10-09 00:29:34
[SECURITY] Fedora 17 Update: ruby-1.9.3.194-17.fc17
2012-10-14 03:50:48
[SECURITY] Fedora 17 Update: ruby-1.9.3.286-18.fc17
2012-10-22 01:59:29
openvas
openvas
Ubuntu Update for ruby1.9.1 USN-1602-1
2012-10-11 00:00:00
Fedora Update for ruby FEDORA-2012-15395
2012-10-16 00:00:00
FreeBSD Ports: ruby
2012-11-26 00:00:00
cve
cve
CVE-2012-4464
2013-04-25 23:55:01
CVE-2012-4466
2013-04-25 23:55:01
nvd
nvd
CVE-2012-4464
2013-04-25 23:55:01
CVE-2012-4466
2013-04-25 23:55:01
ubuntu
ubuntu
Ruby vulnerabilities
2012-10-23 00:00:00
Ruby vulnerabilities
2012-10-10 00:00:00
Ruby vulnerabilities
2012-10-23 00:00:00
prion
prion
Design/Logic Flaw
2013-04-25 23:55:00
Code injection
2013-04-25 23:55:00
cvelist
cvelist
CVE-2012-4464
2013-04-25 23:00:00
CVE-2012-4466
2013-04-25 23:00:00
ubuntucve
ubuntucve
CVE-2012-4464
2012-10-03 00:00:00
CVE-2012-4466
2012-10-03 00:00:00
veracode
veracode
Authorization Bypass
2019-05-02 04:53:42
Authorization Bypass
2019-05-02 04:53:43
amazon
amazon
Medium: ruby
2012-10-23 10:43:00
securityvulns
securityvulns
[USN-1603-1] Ruby vulnerabilities
2012-10-15 00:00:00
Ruby restrictions bypass
2012-10-15 00:00:00
seebug
seebug
Ruby 安全级别限制绕过漏洞(CVE-2012-4466)
2013-04-28 00:00:00
rubygems
rubygems
Ruby Exception#to_s / NameError#to_s Methods Safe Level Security Bypass
2012-10-11 20:00:00
redhat
redhat
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.7%
Related for USN-1602-1