[Japanese] | |
JVNDB-2006-000858 | |
Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox | |
Overview | |
Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby's alias function. | |
CVSS Severity (What is CVSS?) | |
CVSS V2 Severity:
Base Metrics 1.2 (Low) [IPA Score]
| |
Affected Products | |
| |
Ruby | |
| |
Impact | |
An attacker could force programs to crash. | |
Solution | |
| |
Vendor Information | |
Ruby MIRACLE LINUX CORPORATION | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2006/07/12 |
Date First Published | 2008/05/21 |
Date Last Updated | 2008/05/21 |