1165 matches found

Saint
added 2016/11/11 12:0 a.m. | 93 views

Ruby on Rails Dynamic Render code execution

Added: 11/11/2016 CVE: CVE-2016-0752 BID: 81801 Background Ruby on Rails is a web application framework written in Ruby. Problem A vulnerability in Ruby on Rails allows arbitrary code to be uploaded and executed on the server if the application endpoint uses dynamic render paths. Resolution...

7.5 CVSS | 6.8 AI score | 0.90494 EPSS
Exploits: 11

Saint
added 2016/11/11 12:0 a.m. | 46 views

Ruby on Rails Dynamic Render code execution

Added: 11/11/2016 CVE: CVE-2016-0752 BID: 81801 Background Ruby on Rails is a web application framework written in Ruby. Problem A vulnerability in Ruby on Rails allows arbitrary code to be uploaded and executed on the server if the application endpoint uses dynamic render paths. Resolution...

7.5 CVSS | 6.8 AI score | 0.90494 EPSS
Exploits: 11

RedhatCVE
added 2016/11/03 1:47 p.m. | 21 views

CVE-2016-8634

A vulnerability was found in foreman 1.14.0. When creating an organization or location in Foreman, if the name contains HTML then the second step of the wizard /organizations/id/step2 will render the HTML. This occurs in the alertbox on the page. The result is a stored XSS attack if an...

6.1 CVSS | 0.9 AI score | 0.00328 EPSS
Exploits: 0 | References: 1

0day.today
added 2016/10/15 12:0 a.m. | 78 views

Ruby on Rails Dynamic Render File Upload Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in the explicit render method when leveraging user parameters. This Metasploit module has been tested across multiple versions of Ruby on Rails. The technique used by this module requires the specified endpoint to be using...

5 CVSS | 7.2 AI score | 0.90494 EPSS
Exploits: 11

Packet Storm
added 2016/10/13 12:0 a.m. | 45 views

Ruby on Rails Dynamic Render File Upload Remote Code Execution

require 'msf/core' class MetasploitModule 'Ruby on Rails Dynamic Render File Upload Remote Code Execution', 'Description' = %q This module exploits a remote code execution vulnerability in the explicit render method when leveraging user parameters. This module has been tested across multiple...

5 CVSS | 0.90494 EPSS
Exploits: 11

Metasploit
added 2016/10/10 10:36 p.m. | 134 views

Ruby on Rails Dynamic Render File Upload Remote Code Execution

This module exploits a remote code execution vulnerability in the explicit render method when leveraging user parameters. This module has been tested across multiple versions of Ruby on Rails. The technique used by this module requires the specified endpoint to be using dynamic render paths, such...

7.5 CVSS | 7.2 AI score | 0.90494 EPSS
Exploits: 11

OSV
added 2016/09/25 12:0 a.m. | 1 views

UBUNTU-CVE-2016-7549

Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) or possibly have unspecified other impact by leveragi...

8.8 CVSS | 7.3 AI score | 0.00864 EPSS
Exploits: 0 | References: 7

BDU FSTEC
added 2016/09/07 12:0 a.m. | 3 views

The vulnerability of Google Chrome browser allows a hacker to bypass the sandboxing protection mechanism.

The vulnerability in the PPAPI implementation of the Google Chrome browser is related to the lack of verification for the source of IPC messages for the plugin process management system. Exploiting this vulnerability allows a malicious actor to bypass the sandboxing mechanism by sending messages...

9.3 CVSS | 7.7 AI score | 0.01438 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Hacker One
added 2016/08/16 11:25 p.m. | 89 views

Snapchat: [render.bitstrips.com] Stored XSS via an incorrect avatar property value

While modifying an avatar, an attacker has the opportunity to submit XSS payloads as its property values. The resulting png file will return a 500 error with the payload in the response body. The response has a text/html content type, which makes the XSS attack possible. PoC: 1. Go to...

6 AI score
Exploits: 0

BDU FSTEC
added 2016/07/05 12:0 a.m. | 1 views

The vulnerability of Google Chrome’s browser allows a malicious actor to circumvent sandboxing restrictions.

Google Chrome browser contains a vulnerability related to incorrect block merging in the PointerCompare function of codegen.cc within Seccomp-BPF. Exploiting this vulnerability allows malicious actors to bypass sandbox restrictions by accessing the render process...

7.5 CVSS | 7.7 AI score | 0.0051 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2016/07/05 12:0 a.m. | 3 views

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

Google Chrome browser contains a vulnerability related to memory usage after deallocation, known as a “use-after-free error,” in the RenderBlock::addChildIgnoringAnonymousColumnBlocks function in core/rendering/RenderBlock.cpp of Blink. Exploiting this vulnerability allows malicious actors to cau...

7.5 CVSS | 7.7 AI score | 0.01382 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

BDU FSTEC
added 2016/07/05 12:0 a.m. | 2 views

The vulnerability of Google Chrome’s browser allows a malicious actor to circumvent sandboxing restrictions.

Google Chrome browser contains a vulnerability related to incorrect block merging in the PointerCompare function of codegen.cc within Seccomp-BPF. Exploiting this vulnerability allows malicious actors to bypass sandbox restrictions by accessing the render process...

7.5 CVSS | 7.7 AI score | 0.0051 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2016/06/05 11:59 p.m. | 1 views

CVE-2016-1686

The CPDFDIBSource::CreateDecoder function in core/fpdfapi/fpdfrender/fpdfrenderloadimage.cpp in PDFium, as used in Google Chrome before 51.0.2704.63, mishandles decoder-initialization failure, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document...

6.5 CVSS | 7 AI score
Exploits: 0 | References: 11

Zero Day Initiative
added 2016/05/10 12:0 a.m. | 29 views

Adobe Reader DC RenderEventHandler Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8 CVSS | 3.4 AI score | 0.02457 EPSS
Exploits: 1 | References: 1

CNVD
added 2016/04/30 12:0 a.m. | 2 views

LibRSVG Multiple Function Denial of Service Vulnerabilities

LibRSVG is an SVG rendering engine written in C. LibRSVG's 'rsvgcairopopdiscretelayer', 'rsvgcairopoprenderstack', and 'rsvgcairogeneratemask' functions contain a security vulnerability that could be exploited by remote attackers to cause a denial-of-service...

6.9 AI score
Exploits: 0 | References: 1

BDU FSTEC
added 2016/04/14 12:0 a.m. | 3 views

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.

The vulnerability of the RenderWidgetHostImpl::Destroy function located in the content/browser/rendererhost/renderwidgethostimpl.cc file of the Google Chrome browser’s Navigation implementation is related to the use of memory after it is released. Exploiting this vulnerability could allow a remot...

9.3 CVSS | 7.7 AI score | 0.01286 EPSS
Exploits: 0 | References: 5 | Affected Software: 1

OSV
added 2016/04/07 11:59 p.m. | 4 views

DEBIAN-CVE-2016-2098

Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method...

7.3 CVSS | 8 AI score | 0.86668 EPSS
Exploits: 7 | References: 1

OSV
added 2016/04/07 11:59 p.m. | 12 views

CVE-2016-2098

Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method...

7.3 CVSS | 7.4 AI score
Exploits: 0 | References: 12

OSV
added 2016/04/07 11:59 p.m. | 4 views

DEBIAN-CVE-2016-2097

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE: this vulnerability exists...

5.3 CVSS | 6.5 AI score | 0.01912 EPSS
Exploits: 10 | References: 1

Prion
added 2016/04/07 11:59 p.m. | 20 views

Directory traversal

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE: this vulnerability exists...

5 CVSS | 7.1 AI score | 0.90494 EPSS
Exploits: 11 | References: 8 | Affected Software: 2