Ruby on Rails CVE-2012-2660 SQL Injection Vulnerability

Bugtraq ID: 53754
Class: Input Validation Error
CVE: CVE-2012-2660
Remote: Yes
Local: No
Published: May 31 2012 12:00AM
Updated: Apr 13 2015 09:17PM
Credit: Ben Murphy
Vulnerable: SuSE WebYaST 1.2
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
SuSE SUSE Linux Enterprise SDK 11 SP2
SuSE SUSE Linux Enterprise SDK 11 SP1
SuSE Studio Standard Edition 1.2
SuSE Studio Onsite 1.2
SuSE Studio Extension for System z 1.2
S.u.S.E. openSUSE 12.1
S.u.S.E. openSUSE 11.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Redhat OpenShift Enterprise 0
Redhat CloudForms 0
IBM Security Network Intrusion Prevention System 4.5
IBM Security Network Intrusion Prevention System 4.4
IBM Security Network Intrusion Prevention System 4.3
IBM Security Network Intrusion Prevention System 4.2
IBM Security Network Intrusion Prevention System 4.1
Not Vulnerable: Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.0.13
Redhat CloudForms 1.1


 

Privacy Statement
Copyright 2010, SecurityFocus