• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Yukihiro Matsumoto Ruby SAFE Level Restriction Bypass Vulnerability

Ruby is susceptible to a SAFE level restriction-bypass vulnerability. This issue is due to a flaw in the logic that implements the SAFE level checks.

This issue allows attackers to bypass the expected SAFE level restrictions, possibly allowing them to execute unauthorized script code in the context of affected applications.

The specific impact of this issue depends on the implementation of scripts that use SAFE level security checks.

Ruby versions prior to 1.8.3 are vulnerable to this issue.