CVE-2010-2489

Publication date 12 July 2010

Last updated 24 July 2024

Ubuntu priority

Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ruby1.8	10.04 LTS lucid	Not affected
	9.10 karmic	Not affected
	9.04 jaunty	Not affected
	8.04 LTS hardy	Not affected
	6.06 LTS dapper	Not affected
ruby1.9.1	10.04 LTS lucid	Not affected
	9.10 karmic	Not affected
	9.04 jaunty	Not in release
	8.04 LTS hardy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

Notes

sbeattie

Windows only

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2010-2489