Lucene search
RedhatCVELIST:CVE-2012-4522HistoryNov 24, 2012 - 8:00 p.m.
CVE-2012-4522
2012-11-2420:00:00
redhat
www.cve.org
1
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.
References
lists.fedoraproject.org/pipermail/package-announce/2012-October/090235.html
lists.fedoraproject.org/pipermail/package-announce/2012-October/090515.html
rhn.redhat.com/errata/RHSA-2013-0129.html
svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37163
www.openwall.com/lists/oss-security/2012/10/12/6
www.openwall.com/lists/oss-security/2012/10/13/1
www.openwall.com/lists/oss-security/2012/10/16/1
www.ruby-lang.org/en/news/2012/10/12/poisoned-NUL-byte-vulnerability/
Related
openvas
openvas
FreeBSD Ports: ruby
2012-11-26 00:00:00
FreeBSD Ports: ruby
2012-11-26 00:00:00
Oracle: Security Advisory (ELSA-2013-0129)
2015-10-06 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: ruby-1.9.3.286-19.fc18
2012-10-18 03:50:20
[SECURITY] Fedora 17 Update: ruby-1.9.3.286-18.fc17
2012-10-22 01:59:29
[SECURITY] Fedora 17 Update: ruby-1.9.3.392-29.fc17
2013-03-05 23:33:43
cve
cve
CVE-2012-4522
2012-11-24 20:55:03
nvd
nvd
CVE-2012-4522
2012-11-24 20:55:03
ubuntucve
ubuntucve
CVE-2012-4522
2012-10-15 00:00:00
seebug
seebug
Ruby ζ¬ε°ζδ»Άεε»ΊζΌζ΄(CVE-2012-4522)
2012-10-23 00:00:00
freebsd
freebsd
prion
prion
Path traversal
2012-11-24 20:55:00
nessus
nessus
FreeBSD : ruby -- Unintentional file creation caused by inserting an illegal NUL character (3decc87d-2498-11e2-b0c7-000d601460a4)
2012-11-02 00:00:00
Fedora 17 : ruby-1.9.3.286-18.fc17 (2012-16086)
2012-10-22 00:00:00
Fedora 18 : ruby-1.9.3.286-19.fc18 (2012-16071)
2012-10-18 00:00:00
rubygems
rubygems
oraclelinux
oraclelinux
ruby security and bug fix update
2013-01-11 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2012-10-23 00:00:00
centos
centos
ruby security update
2013-01-09 20:36:59
redhat
redhat
(RHSA-2013:0129) Moderate: ruby security and bug fix update
2013-01-08 00:00:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:45:35
osv
osv
ruby1.9.1 - security update
2015-05-30 00:00:00
debian
debian
[SECURITY] [DLA 235-1] ruby1.9.1 security update
2015-05-30 20:45:15