Ruby on Rails 'convert_json_to_yaml()' Method Security Vulnerability

Bugtraq ID: 57575
Class: Input Validation Error
CVE: CVE-2013-0333
Remote: Yes
Local: No
Published: Jan 28 2013 12:00AM
Updated: Apr 13 2015 10:16PM
Credit: Lawrence Pit of Mirror42
Vulnerable: Tableau Software Tableau Server 6.1.12
Tableau Software Tableau Server 6.1.11
Tableau Software Tableau Server 7.0.12
SuSE WebYaST 1.2
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
SuSE Studio Standard Edition 1.2
SuSE Studio Onsite 1.2
SuSE Studio Extension for System z 1.2
S.u.S.E. openSUSE 12.2
S.u.S.E. openSUSE 12.1
S.u.S.E. openSUSE 11.4
Ruby on Rails Ruby on Rails 3.0.19
Ruby on Rails Ruby on Rails 3.0.18
Ruby on Rails Ruby on Rails 3.0.17
Ruby on Rails Ruby on Rails 3.0.16
Ruby on Rails Ruby on Rails 3.0.14
Ruby on Rails Ruby on Rails 3.0.13
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 2.3.15
Ruby on Rails Ruby on Rails 2.3.11
Ruby on Rails Ruby on Rails 2.3.10
Ruby on Rails Ruby on Rails 2.3.9
Ruby on Rails Ruby on Rails 2.3.5
Ruby on Rails Ruby on Rails 2.3.4
Ruby on Rails Ruby on Rails 2.3.3
Ruby on Rails Ruby on Rails 2.3.2
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Ruby on Rails Ruby on Rails 2.3.14
Ruby on Rails Ruby on Rails 2.3.13
Ruby on Rails Ruby on Rails 2.3.12
Redhat OpenShift Enterprise 0
Invensys Wonderware Intelligence Software 1.5 SP1
Infoblox NetMRI 6.5.3
Infoblox NetMRI 6.5.2
Infoblox NetMRI 6.5.1
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Avaya Voice Portal 5.1.3
Avaya Voice Portal 5.1.2
Avaya Voice Portal 5.1.1
Avaya Voice Portal 5.1 SP1
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0 SP2
Avaya Voice Portal 5.0 SP1
Avaya Voice Portal 5.0
Avaya Secure Access Link Gateway 2.0
Avaya Secure Access Link Gateway 1.8
Avaya Secure Access Link Gateway 1.5
Avaya Integrated Management Suite (IMS) 0
Avaya CVLAN
Avaya Aura System Manager 6.3
Avaya Aura System Manager 6.2.3
Avaya Aura System Manager 6.2
Avaya Aura System Manager 6.1.5
Avaya Aura System Manager 6.1.3
Avaya Aura System Manager 6.1.2
Avaya Aura System Manager 6.1.1
Avaya Aura System Manager 6.1 SP2
Avaya Aura System Manager 6.1 Sp1
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0 SP1
Avaya Aura System Manager 6.0
Avaya Aura Presence Services 6.1.2
Avaya Aura Presence Services 6.1.1
Avaya Aura Presence Services 6.1 SP2
Avaya Aura Presence Services 6.1 SP1
Avaya Aura Presence Services 6.1
Avaya Aura Presence Services 6.0
Avaya Aura Presence Services 5.2
Avaya Aura Experience Portal 6.0.2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0 SP2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0 SP1
Avaya Aura Experience Portal 6.0
Avaya Aura Application Enablement Services 5.2.1
Avaya Aura Application Enablement Services 4.2.3
Avaya Aura Application Enablement Services 4.2.2
Avaya Aura Application Enablement Services 4.2.1
Avaya Aura Application Enablement Services 4.0.1
Avaya Aura Application Enablement Services 5.2.4
Avaya Aura Application Enablement Services 5.2.3
Avaya Aura Application Enablement Services 5.2.2
Avaya Aura Application Enablement Services 5.2
Avaya Aura Application Enablement Services 4.2
Avaya Aura Application Enablement Services 4.1
Avaya Aura Application Enablement Services 4.0
Apple Mac OS X Server 10.7.5
Apple Mac OS X Server 2.1.1
Apple Mac OS X Server 2.1
Apple Mac OS X Server 10.7.4
Apple Mac OS X Server 10.7.3
Apple Mac OS X Server 10.7.2
Apple Mac OS X Server 10.7.1
Apple Mac OS X Server 10.7
Apple Mac OS X Server 10.6.8
Apple Mac OS X 10.8.2
Apple Mac OS X 10.8.1
Apple Mac OS X 10.7.5
Apple Mac OS X 10.8.3
Apple Mac OS X 10.8
Apple Mac OS X 10.7.4
Apple Mac OS X 10.7.3
Apple Mac OS X 10.7.2
Apple Mac OS X 10.7.1
Apple Mac OS X 10.7
Apple Mac OS X 10.6.8
Not Vulnerable: Tableau Software Tableau Server 7.0.13
Ruby on Rails Ruby on Rails 3.0.20
Ruby on Rails Ruby on Rails 2.3.16
Apple Mac OS X Server 2.2.1
Apple Mac OS X 10.8.4
Apple Mac OS X 10.8.3


 

Privacy Statement
Copyright 2010, SecurityFocus