Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-4466

Опубликовано: 25 апр. 2013
Источник: ubuntu
Приоритет: medium
CVSS2: 5

Описание

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.

РелизСтатусПримечание
devel

released

1.8.7.358-6ubuntu1
hardy

ignored

end of life
lucid

released

1.8.7.249-2ubuntu0.2
natty

released

1.8.7.302-2ubuntu0.2
oneiric

released

1.8.7.352-2ubuntu0.2
precise

released

1.8.7.352-2ubuntu1.1
quantal

released

1.8.7.358-4ubuntu0.1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

DNE

hardy

not-affected

lucid

not-affected

maverick

DNE

natty

DNE

oneiric

DNE

precise

DNE

quantal

DNE

upstream

not-affected

Показывать по

РелизСтатусПримечание
devel

released

1.9.3.194-1ubuntu1.1
hardy

DNE

lucid

not-affected

natty

not-affected

oneiric

not-affected

1.9.2.290-2
precise

released

1.9.3.0-1ubuntu2.3
quantal

released

1.9.3.194-1ubuntu1.1
upstream

needs-triage

Показывать по

Ссылки на источники

5 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2012-4466

redhat
больше 13 лет назад

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.

nvd логотип

CVE-2012-4466

nvd
почти 13 лет назад

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.

debian логотип

CVE-2012-4466

debian
почти 13 лет назад

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 ...

github логотип

GHSA-gm9g-777x-3fp6

github
больше 3 лет назад

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.

5 Medium

CVSS2