Ruby on Rails 'redirect_to()' HTTP Header Injection Vulnerability
|
Bugtraq ID:
|
32359
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2008-5189
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Oct 19 2008 12:00AM
|
|
Updated:
|
Dec 11 2009 07:34PM
|
|
Credit:
|
This issue was disclosed by the vendor.
|
|
Vulnerable:
|
SuSE SUSE Linux Enterprise Server 10
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
Ruby on Rails Ruby on Rails 2.0.4
Red Hat Fedora 9
Red Hat Fedora 10
|
|
|
|
Not Vulnerable:
|
Ruby on Rails Ruby on Rails 2.0.5
|
|
