Published: 05/08/2011 Updated: 29/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Ruby prior to 1.8.6-p114 does not reset the random seed upon forking, which makes it easier for context-dependent malicious users to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ruby-lang ruby
ruby-lang ruby 1.8.6

Synopsis Low: ruby security, bug fix, and enhancement update Type/Severity Security Advisory: Low Topic Updated ruby packages that fix two security issues, various bugs, and addone enhancement are now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having ...

Synopsis Moderate: ruby security update Type/Severity Security Advisory: Moderate Topic Updated ruby packages that fix two security issues are now available forRed Hat Enterprise Linux 4 and 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerability Sc ...

CWE-310 http://redmine.ruby-lang.org/issues/show/4338 http://www.openwall.com/lists/oss-security/2011/07/20/1 http://www.securityfocus.com/bid/49126 http://www.redhat.com/support/errata/RHSA-2011-1581.html http://rhn.redhat.com/errata/RHSA-2012-0070.html https://exchange.xforce.ibmcloud.com/vulnerabilities/69157 https://access.redhat.com/errata/RHSA-2011:1581 https://nvd.nist.gov

CVE-2011-3009

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect