VYPR
Unrated severityNVD Advisory· Published Apr 25, 2013· Updated Jun 16, 2026

CVE-2012-4466

CVE-2012-4466

Description

Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the string as tainted, a different vulnerability than CVE-2011-1005.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

35
  • Ruby Lang/Ruby34 versions
    cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*+ 33 more
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p160:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p17:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p173:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p174:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p22:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p248:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p249:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p299:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p301:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p302:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p330:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p334:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p352:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p357:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p358:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p370:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p71:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:p72:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:preview1:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:preview2:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:preview3:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.8.7:preview4:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.9.3:p0:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.9.3:p125:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:1.9.3:p194:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0.0:p0:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0.0:preview1:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0.0:preview2:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:ruby-lang:ruby:2.0.0:rc2:*:*:*:*:*:*
  • Range: < 1.8.7 patchlevel 371, < 1.9.3 patchlevel 286, < 2.0 revision r37068

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.