CVE-2010-2489
Published: 12 July 2010
Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.
Notes
Author | Note |
---|---|
sbeattie | Windows only |
Priority
Status
Package | Release | Status |
---|---|---|
ruby1.8 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(Windows only)
|
hardy |
Not vulnerable
(Windows only)
|
|
jaunty |
Not vulnerable
(Windows only)
|
|
karmic |
Not vulnerable
(Windows only)
|
|
lucid |
Not vulnerable
(Windows only)
|
|
upstream |
Needs triage
|
|
ruby1.9.1 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Not vulnerable
(Windows only)
|
|
lucid |
Not vulnerable
(Windows only)
|
|
upstream |
Released
(1.9.1-p429, 1.9.2-RC1)
|