Ruby on Rails Multiple SQL Injection Vulnerabilities

Bugtraq ID: 57084
Class: Input Validation Error
CVE: CVE-2012-6496
CVE-2012-6497
Remote: Yes
Local: No
Published: Dec 21 2012 12:00AM
Updated: Apr 13 2015 09:55PM
Credit: joernchen
Vulnerable: SuSE Cloud 1.0
S.u.S.E. openSUSE 12.2
S.u.S.E. openSUSE 12.1
S.u.S.E. openSUSE 11.4
Ruby on Rails Ruby on Rails 3.2.8
Ruby on Rails Ruby on Rails 3.2.7
Ruby on Rails Ruby on Rails 3.2.6
Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.8
Ruby on Rails Ruby on Rails 3.1.7
Ruby on Rails Ruby on Rails 3.1.6
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.17
Ruby on Rails Ruby on Rails 3.0.16
Ruby on Rails Ruby on Rails 3.0.14
Ruby on Rails Ruby on Rails 3.0.13
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 3.2
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Redhat Subscription Asset Manager 0
IBM Security Network Intrusion Prevention System 4.5
IBM Security Network Intrusion Prevention System 4.4
IBM Security Network Intrusion Prevention System 4.3
IBM Security Network Intrusion Prevention System 4.2
IBM Security Network Intrusion Prevention System 4.1
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Ruby on Rails Ruby on Rails 3.2.10
Ruby on Rails Ruby on Rails 3.1.9
Ruby on Rails Ruby on Rails 3.0.18


 

Privacy Statement
Copyright 2010, SecurityFocus