|
|
Ruby on Rails To_JSON Script Injection Vulnerability
|
Bugtraq ID:
|
24161
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2007-3227
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
May 25 2007 12:00AM
|
|
Updated:
|
Nov 23 2007 05:44PM
|
|
Credit:
|
BCC reported this issue to the vendor.
|
|
Vulnerable:
|
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. SUSE Linux Enterprise Server 10 SP1
S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
S.u.S.E. Open-Enterprise-Server 0
S.u.S.E. Linux Enterprise Server 8
S.u.S.E. Linux Enterprise Server 10.SP1
S.u.S.E. Linux 10.1 x86-64
S.u.S.E. Linux 10.1 x86
S.u.S.E. Linux 10.1 ppc
S.u.S.E. Linux 10.0 x86-64
S.u.S.E. Linux 10.0 x86
S.u.S.E. Linux 10.0 ppc
Ruby on Rails Ruby on Rails 1.2.3
Novell Linux POS 9
Novell Linux Desktop 9
Gentoo Linux
Gentoo dev-ruby/rails 1.2.4
|
|
|
|
Not Vulnerable:
|
Gentoo dev-ruby/rails 1.2.5
|
|
|
