Ruby Permissions Privileges and Access Controls Vulnerability - CVE-2011-1005 - Vulnerability Database

Ruby Permissions Privileges and Access Controls Vulnerability - CVE-2011-1005

Medium

Reference: CVE-2011-1005

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-1005

Title: Ruby Permissions Privileges and Access Controls Vulnerability

Overview:

The safe-level feature in Ruby 1.8.6 through 1.8.6-420 1.8.7 through 1.8.7-330 and 1.8.8dev allows context-dependent attackers to modify strings via the Exceptionto_s method as demonstrated by changing an intended pathname.