Oval Definition:	oval:org.mitre.oval:def:23147
Revision Date: 2014-05-26 Version: 20 Title: ELSA-2013:0129: ruby security and bug fix update (Moderate) Description: The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-4481 CVE-2012-4522 ELSA-2013:0129-00 Platform(s): Oracle Linux 5 Product(s): ruby Definition Synopsis Oracle Linux 5.x AND rpm test ruby-tcltk is earlier than 0:1.8.5-27.el5 OR ruby-ri is earlier than 0:1.8.5-27.el5 OR ruby-rdoc is earlier than 0:1.8.5-27.el5 OR ruby-devel is earlier than 0:1.8.5-27.el5 OR ruby-mode is earlier than 0:1.8.5-27.el5 OR ruby is earlier than 0:1.8.5-27.el5 OR ruby-docs is earlier than 0:1.8.5-27.el5 OR ruby-libs is earlier than 0:1.8.5-27.el5 OR ruby-irb is earlier than 0:1.8.5-27.el5
BACK