[Japanese] | |
JVNDB-2005-000538 | |
Ruby vulnerability allowing to bypass safe level 4 as a sandbox | |
Overview | |
Ruby is a object-oriented scripting language that supports execution of untrusted code with two mechanisms: "object taint" and "safe level". Ruby contains a vulnerability that may allow an attacker to execute an arbitrary script by bypassing the "safe level" checks. | |
CVSS Severity (What is CVSS?) | |
CVSS V2 Severity:
Base Metrics 4.4 (Medium) [IPA Score]
| |
Affected Products | |
| |
Ruby | |
| |
Impact | |
An attacker could possibly execute an arbitrary script. | |
Solution | |
| |
Vendor Information | |
Ruby | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2005/09/21 |
Date First Published | 2008/05/21 |
Date Last Updated | 2008/05/21 |