PT-2005-5567 · Ruby+1

Yutaka Oiwa · Published 1970-01-01 · Updated 2017-10-11 · CVE-2005-2337

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Ruby versions 1.6.x up to 1.6.8
Ruby versions 1.8.x up to 1.8.2
Ruby version 1.9.0 development up to 2005-09-01

Description

The issue allows attackers to bypass safe level and taint flag protections and execute disallowed code when Ruby processes a program through standard input. Multiple vulnerabilities in the Ruby package may lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

Recommendations

For Ruby versions 1.6.x up to 1.6.8, update to a version later than 1.6.8 to resolve the issue.
For Ruby versions 1.8.x up to 1.8.2, update to a version later than 1.8.2 to resolve the issue.
For Ruby version 1.9.0 development up to 2005-09-01, update to a version later than 2005-09-01 to resolve the issue.

Related Identifiers

BDU:2015-02405
BDU:2015-02406
CVE-2005-2337
DSA-860-1
DSA-862-1
DSA-864-1
RHSA-2005:799
RHSA-2005_799

Affected Products

Red Hat
Ruby