6 matches found
Mac OS X Security Update 2007-009
The remote host is missing Security Update 2007-009. One or more of the following components are affected: Address Book CFNetwork ColorSync Core Foundation CUPS Desktop Services Flash Player Plug-in GNU Tar iChat IO Storage Family Launch Services Mail perl python Quick Look ruby Safari Safari RSS...
Gentoo Security Advisory GLSA 200711-17 (rails)
The remote host is missing updates announced in advisory GLSA 200711-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200711-17 (rails)
The remote host is missing updates announced in advisory GLSA 200711-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200711-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
CVE-2007-5379
Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary files and read arbitrary XML files via the Hash.fromxml Hashfromxml method, which uses XmlSimple XML::Simple unsafely, as demonstrated by reading passwords fro...
CVE-2007-5379
CVE-2007-5379 affects Ruby on Rails installations using Rails prior to 1.2.4. The vulnerability stems from Hash.from_xml (Hash#from_xml) using XmlSimple unsafely, enabling remote attackers to determine the existence of arbitrary files and read arbitrary XML files (e.g., passwords from Pidgin .pur...