Back to search
CVE-2005-2337
Published: Oct 7, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17951
vdb-entry
x_refsource_BID
16904
third-party-advisory
x_refsource_SECUNIA
ADV-2006-1779
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:10564
vdb-entry
signature
x_refsource_OVAL
SUSE-SR:2006:005
vendor-advisory
x_refsource_SUSE
TA06-132A
third-party-advisory
x_refsource_CERT
ruby-eval-security-bypass(22360)
vdb-entry
x_refsource_XF
http://jvn.jp/jp/JVN%2362914675/index.html
x_refsource_MISC
DSA-860
vendor-advisory
x_refsource_DEBIAN
17098
third-party-advisory
x_refsource_SECUNIA
17285
third-party-advisory
x_refsource_SECUNIA
VU#160012
third-party-advisory
x_refsource_CERT-VN
59
third-party-advisory
x_refsource_SREASON
DSA-864
vendor-advisory
x_refsource_DEBIAN
17147
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2006-05-11
vendor-advisory
x_refsource_APPLE
19130
third-party-advisory
x_refsource_SECUNIA
14909
vdb-entry
x_refsource_BID
1014948
vdb-entry
x_refsource_SECTRACK
17129
third-party-advisory
x_refsource_SECUNIA
RHSA-2005:799
vendor-advisory
x_refsource_REDHAT
GLSA-200510-05
vendor-advisory
x_refsource_GENTOO
MDKSA-2005:191
vendor-advisory
x_refsource_MANDRIVA
20077
third-party-advisory
x_refsource_SECUNIA
USN-195-1
vendor-advisory
x_refsource_UBUNTU
http://www.ruby-lang.org/en/20051003.html
x_refsource_CONFIRM
17094
third-party-advisory
x_refsource_SECUNIA
DSA-862
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now