PublicDate: 2007-01-24 01:28:00 UTC
Candidate: CVE-2007-0469
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0469
Description:
 The extract_files function in installer.rb in RubyGems before 0.9.1 does
 not check whether files exist before overwriting them, which allows
 user-assisted remote attackers to overwrite arbitrary files, cause a denial
 of service, or execute arbitrary code via crafted GEM packages.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_libgems-ruby: DNE
edgy_libgems-ruby: DNE
feisty_libgems-ruby: needed (reached end-of-life)
gutsy_libgems-ruby: released (0.9.4-1ubuntu1)
hardy_libgems-ruby: released (0.9.4-1ubuntu1)
devel_libgems-ruby: released (0.9.4-1ubuntu1)
upstream_libgems-ruby: needs-triage