3051 matches found
CVE-2006-4112
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...
DEBIAN-CVE-2006-4112
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...
CVE-2006-4112
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...
CVE-2006-4112
CVE-2006-4112 concerns Ruby on Rails 1.1.0–1.1.5 where the dependency resolution mechanism in routing can be triggered to execute arbitrary Ruby code via an improperly handled URL, potentially causing DoS (application hang) or data loss. The issue is distinct from CVE-2006-4111. Public sources in...
CVE-2006-4112
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...
CVE-2006-4112
Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...
rubygem-rails -- evaluation of ruby code
The Ruby on Rails blog reports: With Rails 1.1.0 through 1.1.5 minus the short-lived 1.1.3, you can trigger the evaluation of Ruby code through the URL because of a bug in the routing code of Rails. This means that you can essentially take down a Rails process by starting something like...
CentOS 3 / 4 : postgresql (CESA-2005:433)
Updated postgresql packages that fix several security vulnerabilities and risks of data loss are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS that...
Sun Java Runtime Environment 1.31.41.5 - Nested Array Objects Denial of Service
Sun Java Runtime Environment 1.31.41.5 - Nested Array Objects Denial of Service source: https://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions...
Sun Java Runtime Environment 1.3/1.4/1.5 - Nested Array Objects Denial of Service
source: https://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. This issue is reported to affect Java Runtime Environment versions up to 1.4.211...
Ubuntu 4.10 / 5.04 : tiff vulnerability (USN-156-1)
Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the 'YCbCr subsampling' value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a...
osTicket setup.php Accessibility
The target is running at least one instance of an improperly secured installation of osTicket and allows access to setup.php. Since that script does not require authenticated access, it is possible for an attacker to modify osTicket's configuration using a specially crafted call to setup.php to...
[USN-156-1] TIFF vulnerability
=========================================================== Ubuntu Security Notice USN-156-1 July 29, 2005 tiff vulnerability https://bugzilla.ubuntu.com/showbug.cgi?id=12008 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu...
Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation
Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation source: https://www.securityfocus.com/bid/14293/info Skype is affected by an insecure temporary file creation vulnerability. Exploitation would most likely result in loss of data or a denial of service if critical files are...
FreeBSD : python -- SimpleXMLRPCServer.py allows unrestricted traversal (6afa87d3-764b-11d9-b0e7-0000e249a0a2)
According to Python Security Advisory PSF-2005-001, The Python development team has discovered a flaw in the SimpleXMLRPCServer library module which can give remote attackers access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC...
postgresql, rh security update
CentOS Errata and Security Advisory CESA-2005:433 Updated postgresql packages that fix several security vulnerabilities and risks of data loss are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced...
evolution security update
CentOS Errata and Security Advisory CESA-2005:238 Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools...
Low: Red Hat Security Advisory: evolution security update
Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. Evolution includes a mailer, calendar, contact manage...
ColdFusion Error Page XSS
Binary data 2893.prm...
CVE-2002-1642
This CVE affects PostgreSQL 7.2.1 and 7.2.2. The vulnerability arises in the VACUUM path, where local users can delete transaction log data (pg_clog), leading to a denial of service and potential data loss. The connected Red Hat/RH and NVD sources corroborate that the issue concerns local access ...