Ruby on Rails CVE-2013-0155 Unsafe SQL Query Generation Vulnerability

Bugtraq ID: 57192
Class: Design Error
CVE: CVE-2013-0155
Remote: Yes
Local: No
Published: Jan 08 2013 12:00AM
Updated: Jun 05 2013 08:35AM
Credit: Aaron Patterson
Vulnerable: SuSE WebYaST 1.2
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
 + S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
SuSE Studio Standard Edition 1.2
SuSE Studio Onsite 1.2
SuSE Studio Extension for System z 1.2
SuSE openSUSE 12.1
SuSE openSUSE 11.4
Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.13
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Red Hat Fedora 17
Red Hat Fedora 16
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Apple Mac Os X Server 10.7.4
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X Server 10.6.8
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus