CVE-2005-2337

Publication date 7 October 2005

Last updated 24 July 2024


Ubuntu priority

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).

Status

Package Ubuntu Release Status
ruby1.8 7.04 feisty
Not affected
6.10 edgy
Not affected
6.06 LTS dapper
Not affected
ruby1.9 7.04 feisty
Fixed 1.9.0+20060423-3ubuntu1
6.10 edgy
Fixed 1.9.0+20060423-3ubuntu1
6.06 LTS dapper
Fixed 1.9.0+20060423-3ubuntu1

References

Related Ubuntu Security Notices (USN)

    • USN-196-1
    • Xine library vulnerability
    • 10 October 2005
    • USN-195-1
    • Ruby vulnerability
    • 10 October 2005

Other references