// For flags

CVE-2010-2489

 

Severity Score

7.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.

Desbordamiento de bĂșfer en Ruby v1.9.x anterior v1.9.1-p429 en Windows puede permitir a usuarios locales ganar privilegios mediante un valor ARGF.inplace_mode manipulado que no es correctamente manejado cuando construye los nombres de archivos de los ficheros backup

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-06-28 CVE Reserved
  • 2010-07-09 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.0-0
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.0-0"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.0-1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.0-1"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.0-2
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.0-2"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.0-20060415
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.0-20060415"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.0-20070709
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.0-20070709"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-p0
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-p129
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-p243
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-p376
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-p429
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-preview_1
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-preview_2
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-rc1
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe
Ruby-lang
Search vendor "Ruby-lang"
Ruby
Search vendor "Ruby-lang" for product "Ruby"
1.9.1
Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1"
-rc2
Affected
in Microsoft
Search vendor "Microsoft"
Windows
Search vendor "Microsoft" for product "Windows"
*-
Safe