CVE-2012-4522

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.

References

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090235.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090515.html

http://rhn.redhat.com/errata/RHSA-2013-0129.html

http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=37163

http://www.openwall.com/lists/oss-security/2012/10/12/6

http://www.openwall.com/lists/oss-security/2012/10/13/1

http://www.openwall.com/lists/oss-security/2012/10/16/1

http://www.ruby-lang.org/en/news/2012/10/12/poisoned-NUL-byte-vulnerability/

Details

Source: MITRE

Published: 2012-11-24

Updated: 2013-05-04

Type: CWE-264

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (14 total)

IDNameProductFamilySeverity
124931EulerOS Virtualization 3.0.1.0 : ruby (EulerOS-SA-2019-1428)NessusHuawei Local Security Checks
critical
119432RHEL 6 : openshift (RHSA-2013:0582)NessusRed Hat Local Security Checks
high
83907Debian DLA-235-1 : ruby1.9.1 security updateNessusDebian Local Security Checks
medium
74909openSUSE Security Update : ruby19 (openSUSE-SU-2013:0376-1)NessusSuSE Local Security Checks
medium
68700Oracle Linux 5 : ruby (ELSA-2013-0129)NessusOracle Linux Local Security Checks
medium
65799SuSE 10 Security Update : ruby (ZYPP Patch Number 8524)NessusSuSE Local Security Checks
medium
65248SuSE 11.2 Security Update : ruby (SAT Patch Number 7386)NessusSuSE Local Security Checks
medium
63603Scientific Linux Security Update : ruby on SL5.x i386/x86_64 (20130108)NessusScientific Linux Local Security Checks
medium
63574CentOS 5 : ruby (CESA-2013:0129)NessusCentOS Local Security Checks
medium
63410RHEL 5 : ruby (RHSA-2013:0129)NessusRed Hat Local Security Checks
medium
62792FreeBSD : ruby -- Unintentional file creation caused by inserting an illegal NUL character (3decc87d-2498-11e2-b0c7-000d601460a4)NessusFreeBSD Local Security Checks
medium
62661Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1614-1)NessusUbuntu Local Security Checks
medium
62648Fedora 17 : ruby-1.9.3.286-18.fc17 (2012-16086)NessusFedora Local Security Checks
medium
62607Fedora 18 : ruby-1.9.3.286-19.fc18 (2012-16071)NessusFedora Local Security Checks
medium