CVE-2010-2489
published 2010-07-12CVE-2010-2489: Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not…
PriorityP428high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.41%
32.4th percentile
Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
| ruby-lang | ruby | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osdir.com/ml/ruby-talk/2010-07/msg00095.htmlhttp://secunia.com/advisories/40442http://svn.ruby-lang.org/repos/ruby/tags/v1_9_1_429/ChangeLoghttp://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_rc1/ChangeLoghttp://www.openwall.com/lists/oss-security/2010/07/02/1http://www.openwall.com/lists/oss-security/2010/07/02/10http://www.osvdb.org/66040http://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released/http://www.securityfocus.com/bid/41321https://exchange.xforce.ibmcloud.com/vulnerabilities/60135http://osdir.com/ml/ruby-talk/2010-07/msg00095.htmlhttp://secunia.com/advisories/40442http://svn.ruby-lang.org/repos/ruby/tags/v1_9_1_429/ChangeLoghttp://svn.ruby-lang.org/repos/ruby/tags/v1_9_2_rc1/ChangeLoghttp://www.openwall.com/lists/oss-security/2010/07/02/1http://www.openwall.com/lists/oss-security/2010/07/02/10http://www.osvdb.org/66040http://www.ruby-lang.org/en/news/2010/07/02/ruby-1-9-1-p429-is-released/http://www.securityfocus.com/bid/41321https://exchange.xforce.ibmcloud.com/vulnerabilities/60135
2010-07-12
Published