Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ruby | Ruby-lang | 1.8.7 (including) | 1.8.7 (including) |
Ruby | Ruby-lang | 1.8.7-p160 (including) | 1.8.7-p160 (including) |
Ruby | Ruby-lang | 1.8.7-p17 (including) | 1.8.7-p17 (including) |
Ruby | Ruby-lang | 1.8.7-p173 (including) | 1.8.7-p173 (including) |
Ruby | Ruby-lang | 1.8.7-p174 (including) | 1.8.7-p174 (including) |
Ruby | Ruby-lang | 1.8.7-p22 (including) | 1.8.7-p22 (including) |
Ruby | Ruby-lang | 1.8.7-p248 (including) | 1.8.7-p248 (including) |
Ruby | Ruby-lang | 1.8.7-p249 (including) | 1.8.7-p249 (including) |
Ruby | Ruby-lang | 1.8.7-p299 (including) | 1.8.7-p299 (including) |
Ruby | Ruby-lang | 1.8.7-p301 (including) | 1.8.7-p301 (including) |
Ruby | Ruby-lang | 1.8.7-p302 (including) | 1.8.7-p302 (including) |
Ruby | Ruby-lang | 1.8.7-p330 (including) | 1.8.7-p330 (including) |
Ruby | Ruby-lang | 1.8.7-p334 (including) | 1.8.7-p334 (including) |
Ruby | Ruby-lang | 1.8.7-p352 (including) | 1.8.7-p352 (including) |
Ruby | Ruby-lang | 1.8.7-p357 (including) | 1.8.7-p357 (including) |
Ruby | Ruby-lang | 1.8.7-p358 (including) | 1.8.7-p358 (including) |
Ruby | Ruby-lang | 1.8.7-p370 (including) | 1.8.7-p370 (including) |
Ruby | Ruby-lang | 1.8.7-p71 (including) | 1.8.7-p71 (including) |
Ruby | Ruby-lang | 1.8.7-p72 (including) | 1.8.7-p72 (including) |
Ruby | Ruby-lang | 1.8.7-preview1 (including) | 1.8.7-preview1 (including) |
Ruby | Ruby-lang | 1.8.7-preview2 (including) | 1.8.7-preview2 (including) |
Ruby | Ruby-lang | 1.8.7-preview3 (including) | 1.8.7-preview3 (including) |
Ruby | Ruby-lang | 1.8.7-preview4 (including) | 1.8.7-preview4 (including) |
Ruby | Ruby-lang | 1.9.3 (including) | 1.9.3 (including) |
Ruby | Ruby-lang | 1.9.3-p0 (including) | 1.9.3-p0 (including) |
Ruby | Ruby-lang | 1.9.3-p125 (including) | 1.9.3-p125 (including) |
Ruby | Ruby-lang | 1.9.3-p194 (including) | 1.9.3-p194 (including) |
Ruby | Ruby-lang | 2.0 (including) | 2.0 (including) |
Ruby | Ruby-lang | 2.0.0 (including) | 2.0.0 (including) |
Ruby | Ruby-lang | 2.0.0-p0 (including) | 2.0.0-p0 (including) |
Ruby | Ruby-lang | 2.0.0-preview1 (including) | 2.0.0-preview1 (including) |
Ruby | Ruby-lang | 2.0.0-preview2 (including) | 2.0.0-preview2 (including) |
Ruby | Ruby-lang | 2.0.0-rc1 (including) | 2.0.0-rc1 (including) |
Ruby | Ruby-lang | 2.0.0-rc2 (including) | 2.0.0-rc2 (including) |