Unrated severityNVD Advisory· Published Jun 20, 2005· Updated Apr 16, 2026

CVE-2005-1992

Description

The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands.

Affected products

Yukihiro Matsumoto/Ruby
cpe:2.3:a:yukihiro_matsumoto:ruby:1.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/5237nvdPatch
www.kb.cert.org/vuls/id/684913nvdUS Government Resource
bugs.debian.org/cgi-bin/bugreport.cginvd
lists.apple.com/archives/security-announce/2005/Sep/msg00002.htmlnvd
secunia.com/advisories/16920/nvd
www.auscert.org.au/5509nvd
www.ciac.org/ciac/bulletins/p-312.shtmlnvd
www.debian.org/security/2005/dsa-748nvd
www.novell.com/linux/security/advisories/2005_18_sr.htmlnvd
www.redhat.com/support/errata/RHSA-2005-543.htmlnvd
www.securityfocus.com/bid/14016nvd
www2.ruby-lang.org/en/20050701.htmlnvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10819nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000