What is the severity of CVE-2012-5380?

CVE-2012-5380 is considered a moderate severity vulnerability due to its potential for privilege escalation.

How do I fix CVE-2012-5380?

To mitigate CVE-2012-5380, avoid installing Ruby in the top-level C:\ directory and ensure that your PATH does not include untrusted directories.

Who is affected by CVE-2012-5380?

CVE-2012-5380 affects users of Ruby version 1.9.3 when installed under specific conditions.

What kind of vulnerability is CVE-2012-5380?

CVE-2012-5380 is an untrusted search path vulnerability that can lead to privilege escalation.

What steps can I take to secure my Ruby installation related to CVE-2012-5380?

To secure your Ruby installation, always install it in a secure directory and validate all elements in your PATH environment variable.

Vulnerability/
CVE-2012-5380

medium

6.7

CWE

11/10/2012

17/9/2024

CVE-2012-5380: Path Traversal

First published: Thu Oct 11 2012(Updated: )

** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the Ruby installation.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Ruby	=1.9.3

Never miss a vulnerability like this again

Reference Links

https://www.htbridge.com/advisory/HTB23108

Frequently Asked Questions

What is the severity of CVE-2012-5380?
CVE-2012-5380 is considered a moderate severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2012-5380?
To mitigate CVE-2012-5380, avoid installing Ruby in the top-level C:\ directory and ensure that your PATH does not include untrusted directories.
Who is affected by CVE-2012-5380?
CVE-2012-5380 affects users of Ruby version 1.9.3 when installed under specific conditions.
What kind of vulnerability is CVE-2012-5380?
CVE-2012-5380 is an untrusted search path vulnerability that can lead to privilege escalation.
What steps can I take to secure my Ruby installation related to CVE-2012-5380?
To secure your Ruby installation, always install it in a secure directory and validate all elements in your PATH environment variable.

agent/type
agent/author
agent/references
agent/status
agent/softwarecombine
agent/description
agent/severity
agent/weakness
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/ruby-lang
canonical/ruby
version/ruby/1.9.3
status/disputed

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.