6 matches found

BDU FSTEC
added 2019/04/25 12:00 a.m., 3 views

The vulnerability in the Phusion Passenger web server relates to the possibility of creating a symbolic link between a REVISION file and an arbitrary file in the system. This allows a malicious actor to gain access to confidential data.

The vulnerability in the Phusion Passenger web server relates to the ability to create symbolic links between a REVISION file and any arbitrary file in the system. Exploiting this vulnerability could allow an attacker to gain access to confidential data...

CVSS: 5.3, AI score: 6.2, EPSS: 0.00358
Exploits: 0, References: 3, Affected Software: 2
CNVD
added 2017/12/18 12:00 a.m., 2 views

Phusion Passenger Arbitrary File Read Vulnerability

Phusion Passenger is an Apache module for deploying Ruby on Rails projects on Apache and Nginx web servers from Phusion Netherlands. A security vulnerability exists in the agent/Core/SpawningKit/Spawner.h file in Phusion Passenger version 5.1.10. The vulnerability can be exploited to read the...

CVSS: 4.7, AI score: 6.9, EPSS: 0.00358
Exploits: 0, References: 1
OSV
added 2017/12/14 10:29 p.m., 0 views

UBUNTU-CVE-2017-16355

In agent/Core/SpawningKit/Spawner.h in Phusion Passenger 5.1.10 (fixed in Passenger Open Source 5.1.11 and Passenger Enterprise 5.1.10), if Passenger is running as root, it is possible to list the contents of arbitrary files on a system by symlinking a file named REVISION from the application root...

CVSS: 4.7, AI score: 6.4, EPSS: 0.00358
Exploits: 0, References: 5
BDU FSTEC
added 2016/09/07 12:00 a.m., 2 views

The vulnerability of the distributed Git version control system allows a hacker to execute arbitrary code.

The vulnerability of the revision.c file in the distributed version control system Git is related to the use of an incorrect integer data type. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a long file name or by manipulating multiple nested trees, resulti...

CVSS: 10, AI score: 8.2, EPSS: 0.17049
Exploits: 0, References: 10, Affected Software: 6
OSV
added 2016/06/29 2:10 p.m., 1 view

UBUNTU-CVE-2016-5835

WordPress before 4.5.3 allows remote attackers to obtain sensitive revision-history information by leveraging the ability to read a post, related to wp-admin/includes/ajax-actions.php and wp-admin/revision.php...

CVSS: 7.5, AI score: 7.1, EPSS: 0.03581
Exploits: 0, References: 4
OSV
added 2016/03/16 12:00 a.m., 0 views

UBUNTU-CVE-2016-2315

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via (1) a long filename or (2) many nested trees, leading to a heap-based buffer overflow...

CVSS: 9.8, AI score: 8, EPSS: 0.17049
Exploits: 0, References: 4