CVE-2012-3463 – rubygem-actionpack: potential XSS vulnerability in select_tag prompt
https://notcve.org/view.php?id=CVE-2012-3463
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper. Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en actionpack/lib/action_view/helpers/form_tag_helper.rb en Ruby on Rails v3.x anterior a v3.0.17, v3.1.x anterior a v3.1.8, y v3.2.x anterior a v3.2.8 permite la administración remota los atacantes para inyectar secuencias de comandos web o HTML a través del campo del sistema para el (helper) select_tag. • http://rhn.redhat.com/errata/RHSA-2013-0154.html http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain https://access.redhat.com/security/cve/CVE-2012-3463 https://bugzilla.redhat.com/show_bug.cgi?id=847196 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-3465 – rubygem-actionpack: XSS Vulnerability in strip_tags
https://notcve.org/view.php?id=CVE-2012-3465
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via malformed HTML markup. Cross-site scripting (XSS) en actionpack/lib/action_view/helpers/sanitize_helper.rb en el (helper) strip_tags en Ruby on Rails anterior a v3.0.17, v3.1.x anterior a v3.1.8, y v3.2.x anterio a v3.2.8 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de código HTML con formato incorrecto. • http://rhn.redhat.com/errata/RHSA-2013-0154.html http://secunia.com/advisories/50694 http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released https://groups.google.com/group/rubyonrails-security/msg/7fbb5392d4d282b5?dmode=source&output=gplain https://access.redhat.com/security/cve/CVE-2012-3465 https://bugzilla.redhat.com/show_bug.cgi?id=847200 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-3464 – rubygem-actionpack: potential XSS vulnerability
https://notcve.org/view.php?id=CVE-2012-3464
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en activesupport/lib/active_support/core_ext/string/output_safety.rb en Ruby on Rails anteriores a v3.0.17, v3.1.x anteriores a v3.1.8, y 3.2.x anteriores a v3.2.8, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores que implican el caracter ' (comilla). • http://rhn.redhat.com/errata/RHSA-2013-0154.html http://secunia.com/advisories/50694 http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released https://groups.google.com/group/rubyonrails-security/msg/8f1bbe1cef8c6caf?dmode=source&output=gplain https://access.redhat.com/security/cve/CVE-2012-3464 https://bugzilla.redhat.com/show_bug.cgi?id=847199 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2012-3424 – rubygem-actionpack: DoS vulnerability in authenticate_or_request_with_http_digest
https://notcve.org/view.php?id=CVE-2012-3424
The decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ruby on Rails 3.x before 3.0.16, 3.1.x before 3.1.7, and 3.2.x before 3.2.7 converts Digest Authentication strings to symbols, which allows remote attackers to cause a denial of service by leveraging access to an application that uses a with_http_digest helper method, as demonstrated by the authenticate_or_request_with_http_digest method. El método decode_credentials method en actionpack/lib/action_controller/metal/http_authentication.rb en Ruby on Rails 3.x anterior a 3.0.16, 3.1.x anterior a 3.1.7, y 3.2.x anterior a 3.2.7 convierte las cadenas Digest Authentication a símbolos, lo que permite a atacantes remotos provocar una denegación de servicio aprovechando el acceso a una aplicación que se utiliza un método de ayuda with_http_digest, como se demostró con el método authenticate_or_request_with_http_digest. • http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html http://rhn.redhat.com/errata/RHSA-2013-0154.html http://weblog.rubyonrails.org/2012/7/26/ann-rails-3-2-7-has-been-released https://groups.google.com/group/rubyonrails-security/msg/244d32f2fa25147d?hl=en&dmode=source&output=gplain https://access.redhat.com/security/cve/CVE-2012-3424 https://bugzilla.redhat.com/show_bug.cgi?id=843711 • CWE-287: Improper Authentication •
CVE-2012-2695 – rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
https://notcve.org/view.php?id=CVE-2012-2695
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661. El componente 'Active Record' en Ruby on Rails antes de la version v3.0.14, v3.1.x antes de v3.1.6 y v3.2.x antes de v3.2.6 no implementa correctamente el paso de los datos de la solicitud a un método 'where' en la clase ActiveRecord, lo que permite llevar a cabo determinados ataques de inyección SQL a atacantes remotos a través de los parámetros de consulta anidadas que aprovechan una indebida manipulación de los hashes anidados. Es un problema relacionado con el CVE-2012-2661. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.html http://lists.opensuse.org/opensuse-updates/2012-08/msg00046.html http://rhn.redhat.com/errata/RHSA-2013-0154.html https://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain https://access.redhat.com/security/cve/CVE-2012-2695 https:/ • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •