Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2010-2489 - Vulnerability Database

Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2010-2489

High
Reference: CVE-2010-2489
Title: Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability
Overview:

Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.