CVE-2012-5380 - Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when insta

CVE-2012-5380

Summary

Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the Ruby installation

References

https://www.htbridge.com/advisory/HTB23108

Vulnerable Configurations

cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:1.9.3:*:*:*:*:*:*:*

CVSS

Base:	6.0 (as of 11-04-2024 - 00:49)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	HIGH	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:H/Au:S/C:C/I:C/A:C

refmap via4

misc

https://www.htbridge.com/advisory/HTB23108

Last major update

11-04-2024 - 00:49

Published

11-10-2012 - 10:51

Last modified

11-04-2024 - 00:49