CVE-2010-3928 Information

Description

Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters which might allow remote attackers to execute arbitrary commands via a crafted file related to an \escape sequence injection vulnerability.\ NOTE: some of these details are obtained from third party information.

Reference

http://jvn.jp/en/jp/JVN30414126/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000005.html http://osvdb.org/70521 http://secunia.com/advisories/42952 http://www.securityfocus.com/bid/45841 http://www.vupen.com/english/advisories/2011/0174 https://exchange.xforce.ibmcloud.com/vulnerabilities/64746