Ruby '#to_s' Method Incomplete Fix Security Bypass Vulnerability

Ruby is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions.

The following Ruby versions are affected:

1.8.6 through versions 1.8.6-420
1.8.7 through versions 1.8.7-330
1.8.8dev

Note: This issue is the result of an incomplete fix for the issue described in BID 46458 (Ruby '#to_s' Security Bypass Vulnerability).


 

Privacy Statement
Copyright 2010, SecurityFocus