Page 10 of 49 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 74EXPL: 1

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660. actionpack/lib/action_dispatch/http/request.rb en Ruby on Rails antes de la version v3.0.14, en la v3.1.x antes de v3.1.6 y v3.2.x antes de v 3.2.6 no considera adecuadamente las diferencias en el manejo de parámetros entre el componente Active Record y la interfaz Rack, lo que permite a atacantes remotos evitar las restricciones de consulta de bases de datos y realizar comprobaciones de nulos a través de solicitudes hechas a mano, por ejemplo con los valores "['xyz', nil]". Es un problema relacionado con el CVE-2012-2660. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00017.html http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html http://rhn.redhat.com/errata/RHSA-2013-0154.html https://groups.google.com/group/rubyonrails-security/msg/e2d3a87f2c211def?dmode=source&output=g • CWE-264: Permissions, Privileges, and Access Controls CWE-305: Authentication Bypass by Primary Weakness •

CVSS: 4.3EPSS: 0%CPEs: 61EXPL: 0

Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_options_helper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain generation of OPTION elements within SELECT elements. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en actionpack/lib/action_view/helpers/form_options_helper.rb en "select helper" de Ruby on Rails 3.0.x anteriores a 3.0.12, 3.1.x anteriores a 3.1.4, y 3.2.x anteriores a 3.2.2 permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de vectores que involucran la generación de elementos OPTION dentro de elementos SELECT. • http://groups.google.com/group/rubyonrails-security/msg/6fca4f5c47705488?dmode=source&output=gplain http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075675.html http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075740.html http://weblog.rubyonrails.org/2012/3/1/ann-rails-3-0-12-has-been-released http://www.debian.org/security/2012/dsa-2466 http://www.openwall.com/lists/oss-security/2012/03/02/6 http://www.openwall.com/lists/oss-security/2012/03/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 61EXPL: 0

Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Ruby on Rails 3.0.x anteriores a 3.0.12, 3.1.x anteriores a 3.1.4, y 3.2.x anterioes a 3.2.2 permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de vectores que involucran un objeto SafeBuffer que es manipulado a través de determinados métodos. • http://groups.google.com/group/rubyonrails-security/msg/1c2e01a5e42722c9?dmode=source&output=gplain http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075675.html http://weblog.rubyonrails.org/2012/3/1/ann-rails-3-0-12-has-been-released http://www.openwall.com/lists/oss-security/2012/03/02/6 http://www.openwall.com/lists/oss-security/2012/03/03/1 https://bugzilla.redhat.com/show_bug.cgi?id=799275 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 2%CPEs: 139EXPL: 0

The session fixation protection mechanism in cgi_process.rb in Rails 1.2.4, as used in Ruby on Rails, removes the :cookie_only attribute from the DEFAULT_SESSION_OPTIONS constant, which effectively causes cookie_only to be applied only to the first instantiation of CgiRequest, which allows remote attackers to conduct session fixation attacks. NOTE: this is due to an incomplete fix for CVE-2007-5380. El mecanismo de protección de fijación de sesión en el archivo cgi_process.rb en Rails versión 1.2.4, como es usado en Ruby on Rails, elimina el atributo :cookie_only de la constante DEFAULT_SESSION_OPTIONS, lo que causa efectivamente que cookie_only se aplique solo a la primera instancia de CgiRequest, lo que permite a atacantes remotos conducir ataques de fijación de sesión. NOTA: esto es debido a una corrección incompleta para el CVE-2007-5380. • http://dev.rubyonrails.org/changeset/8177 http://dev.rubyonrails.org/ticket/10048 http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/27781 http://secunia.com/advisories/28136 http://weblog.rubyonrails.org/2007/11/24/ruby-on-rails-1-2-6-security-and-maintenance-release http://www.securityfocus.com/bid/26598 http://www.us-cert.gov/cas/techalerts/TA07-352A.html http:// • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •