Ruby on Rails CVE-2013-0155 Unsafe SQL Query Generation Vulnerability

Bugtraq ID: 57192
Class: Design Error
CVE: CVE-2013-0155
Remote: Yes
Local: No
Published: Jan 08 2013 12:00AM
Updated: Apr 13 2015 10:13PM
Credit: Aaron Patterson
Vulnerable: Tableau Software Tableau Server 6.1.11
Tableau Software Tableau Server 7.0.12
SuSE WebYaST 1.2
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
SuSE Studio Standard Edition 1.2
SuSE Studio Onsite 1.2
SuSE Studio Extension for System z 1.2
SuSE Cloud 1.0
S.u.S.E. openSUSE 12.2
S.u.S.E. openSUSE 12.1
S.u.S.E. openSUSE 11.4
Ruby on Rails Ruby on Rails 3.2.10
Ruby on Rails Ruby on Rails 3.2.8
Ruby on Rails Ruby on Rails 3.2.7
Ruby on Rails Ruby on Rails 3.2.6
Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.9
Ruby on Rails Ruby on Rails 3.1.8
Ruby on Rails Ruby on Rails 3.1.7
Ruby on Rails Ruby on Rails 3.1.6
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.18
Ruby on Rails Ruby on Rails 3.0.17
Ruby on Rails Ruby on Rails 3.0.16
Ruby on Rails Ruby on Rails 3.0.14
Ruby on Rails Ruby on Rails 3.0.13
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 3.2
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Redhat OpenShift Enterprise 0
Invensys Wonderware Intelligence Software 1.5 SP1
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Apple Mac OS X Server 10.7.5
Apple Mac OS X Server 10.7.4
Apple Mac OS X Server 10.7.3
Apple Mac OS X Server 10.7.1
Apple Mac OS X Server 10.7
Apple Mac OS X Server 10.6.8
Apple Mac OS X 10.8.2
Apple Mac OS X 10.8.1
Apple Mac OS X 10.7.5
Apple Mac OS X 10.8.3
Apple Mac OS X 10.8
Apple Mac OS X 10.7.4
Apple Mac OS X 10.7.3
Apple Mac OS X 10.7.2
Apple Mac OS X 10.7.1
Apple Mac OS X 10.7
Apple Mac OS X 10.6.8
Not Vulnerable: Tableau Software Tableau Server 6.1.12
Ruby on Rails Ruby on Rails 3.2.11
Ruby on Rails Ruby on Rails 3.1
Ruby on Rails Ruby on Rails 3.0.19
Apple Mac OS X 10.8.4


 

Privacy Statement
Copyright 2010, SecurityFocus