Ruby on Rails CVE-2012-2660 SQL Injection Vulnerability

Bugtraq ID: 53754
Class: Input Validation Error
CVE: CVE-2012-2660
Remote: Yes
Local: No
Published: May 31 2012 12:00AM
Updated: Mar 01 2013 06:03PM
Credit: Ben Murphy
Vulnerable: SuSE WebYaST 1.2
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
SuSE SUSE Linux Enterprise SDK 11 SP2
SuSE SUSE Linux Enterprise SDK 11 SP1
SuSE Studio Standard Edition 1.2
SuSE Studio Onsite 1.2
SuSE Studio Extension for System z 1.2
SuSE openSUSE 12.1
SuSE openSUSE 11.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Red Hat Fedora 17
Red Hat Fedora 16
Red Hat Fedora 15
Not Vulnerable: Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.0.13


 

Privacy Statement
Copyright 2010, SecurityFocus