National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • Keyword (text search): Ruby
There are 423 matching records.
Displaying matches 401 through 420.
Vuln ID Summary CVSS Severity
CVE-2007-6183

Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.

Published: November 29, 2007; 07:46:00 PM -05:00
    V2: 6.8 MEDIUM
CVE-2007-6077

The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookie_only attribute from the DEFAULT_SESSION_OPTIONS constant, which effectively causes cookie_only to be applied only to the first instantiation of CgiRequest, which allows remote attackers to conduct session fixation attacks. NOTE: this is due to an incomplete fix for CVE-2007-5380.

Published: November 21, 2007; 04:46:00 PM -05:00
    V2: 6.8 MEDIUM
CVE-2007-5770

The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162.

Published: November 13, 2007; 08:46:00 PM -05:00
    V2: 5.0 MEDIUM
CVE-2007-5379

Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary files and read arbitrary XML files via the Hash.from_xml (Hash#from_xml) method, which uses XmlSimple (XML::Simple) unsafely, as demonstrated by reading passwords from the Pidgin (Gaim) .purple/accounts.xml file.

Published: October 19, 2007; 07:17:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2007-5380

Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions."

Published: October 19, 2007; 07:17:00 PM -04:00
    V2: 6.8 MEDIUM
CVE-2007-5162

The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site.

Published: October 01, 2007; 01:17:00 AM -04:00
    V2: 4.3 MEDIUM
CVE-2007-3227

Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values.

Published: June 14, 2007; 07:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2007-2666

Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.

Published: May 14, 2007; 07:19:00 PM -04:00
    V2: 7.6 HIGH
CVE-2007-2383

The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."

Published: April 30, 2007; 07:19:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2006-6979

The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain contexts, probably including construction of an unzip command line, which allows attackers to execute arbitrary commands via shell metacharacters.

Published: February 08, 2007; 01:28:00 PM -05:00
    V2: 7.5 HIGH
CVE-2007-0469

The extract_files function in installer.rb in RubyGems before 0.9.1 does not check whether files exist before overwriting them, which allows user-assisted remote attackers to overwrite arbitrary files, cause a denial of service, or execute arbitrary code via crafted GEM packages.

Published: January 23, 2007; 08:28:00 PM -05:00
    V2: 9.3 HIGH
CVE-2006-6852

Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by (1) conf.rhtml and (2) i.conf.rhtml. NOTE: some of these details are obtained from third party information.

Published: December 31, 2006; 12:00:00 AM -05:00
    V2: 6.0 MEDIUM
CVE-2006-6303

The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467.

Published: December 06, 2006; 02:28:00 PM -05:00
    V2: 5.0 MEDIUM
CVE-2006-5467

The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID.

Published: October 27, 2006; 02:07:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2006-4111

Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.

Published: August 14, 2006; 05:04:00 PM -04:00
    V2: 7.5 HIGH
CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.

Published: August 14, 2006; 05:04:00 PM -04:00
    V2: 7.5 HIGH
CVE-2006-3694

Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".

Published: July 21, 2006; 10:03:00 AM -04:00
    V2: 6.4 MEDIUM
CVE-2006-2582

The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors.

Published: May 25, 2006; 06:02:00 AM -04:00
    V2: 7.5 HIGH
CVE-2006-1931

The HTTP/XMLRPC server in Ruby before 1.8.2 uses blocking sockets, which allows attackers to cause a denial of service (blocked connections) via a large amount of data.

Published: April 20, 2006; 05:02:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2005-2337

Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input (stdin).

Published: October 07, 2005; 07:02:00 PM -04:00
    V2: 7.5 HIGH