3 matches found
Ruby 'ARGF.inplace_mode' Buffer Overflow Vulnerability
This host is installed with Ruby and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbrubybofvulnwin.nasl 8196 2017-12-20 12:13:37Z cfischer $ Ruby 'ARGF.inplacemode' Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright C 2010 Greenbone Networks GmbH...
CVE-2010-2489
Ruby 1.9.x before 1.9.1-p429 on Windows is affected by a buffer overflow in ARGF.inplace_mode used when constructing backup filenames, allowing local privilege escalation. The issue is addressed in Ruby 1.9.1-p429 (Ruby on Windows update). Affected components: Ruby 1.9.x, ARGF.inplace_mode handli...
Ruby ARGF.inplace_mode变量缓冲区溢出漏洞
BUGTRAQ ID: 41321 CVE ID: CVE-2010-2489 Ruby是一种功能强大的面向对象的脚本语言。 Ruby在Windows系统上没有正确地处理文件名,用户对ARGF.inplacemode变量分配了超长值就可以触发缓冲区溢出,导致执行任意代码。 Yukihiro Matsumoto Ruby 1.9.x 厂商补丁: Yukihiro Matsumoto ------------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...