Lucene search
RubySecRUBY:RAILS-2006-4112HistoryOct 23, 2017 - 9:00 p.m.
High severity vulnerability that affects rails.
2017-10-2321:00:00
RubySec
rubysec.com
8
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.6%
Unspecified vulnerability in the “dependency resolution mechanism” in
Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby
code via a URL that is not properly handled in the routing code, which leads to
a denial of service (application hang) or “data loss,” a different vulnerability
than CVE-2006-4111.
Related
cve
cve
CVE-2006-4112
2006-08-14 21:04:00
CVE-2006-4111
2006-08-14 21:04:00
openvas
openvas
Gentoo Security Advisory GLSA 200608-20 (rails)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200608-20 (rails)
2008-09-24 00:00:00
cvelist
cvelist
CVE-2006-4112
2006-08-14 21:00:00
CVE-2006-4111
2006-08-14 21:00:00
ubuntucve
ubuntucve
CVE-2006-4112
2006-08-14 00:00:00
CVE-2006-4111
2006-08-14 00:00:00
debiancve
debiancve
CVE-2006-4111
2006-08-14 21:04:00
CVE-2006-4112
2006-08-14 21:04:00
gentoo
gentoo
Ruby on Rails: Several vulnerabilities
2006-08-14 00:00:00
osv
osv
Ruby on Rails vulnerable to code injection
2017-10-24 18:33:38
High severity vulnerability that affects rails.
2017-10-24 18:33:38
nvd
nvd
CVE-2006-4111
2006-08-14 21:04:00
CVE-2006-4112
2006-08-14 21:04:00
github
github
Ruby on Rails vulnerable to code injection
2017-10-24 18:33:38
High severity vulnerability that affects rails.
2017-10-24 18:33:38
nessus
nessus
GLSA-200608-20 : Ruby on Rails: Several vulnerabilities
2006-08-21 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.6%
Related for RUBY:RAILS-2006-4112