5 matches found
USN-1603-2: Ruby vulnerabilities
USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Original advisory details: Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to...
USN-1614-1: Ruby vulnerabilities
Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the...
USN-1602-1: Ruby vulnerabilities
Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. CVE-2012-4464, CVE-2012-4466...
USN-1377-1: Ruby vulnerabilities
Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site scripting attacks when displaying error pages. A remote attacker could use this flaw to run arbitrary web script. CVE-2010-0541 Drew Yao discovered that Ruby's BigDecimal module did not properly allocate memory on 64-bi...
Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : ruby1.8 vulnerabilities (USN-1377-1)
Drew Yao discovered that the WEBrick HTTP server was vulnerable to cross-site scripting attacks when displaying error pages. A remote attacker could use this flaw to run arbitrary web script. CVE-2010-0541 Drew Yao discovered that Ruby's BigDecimal module did not properly allocate memory on 64-bi...