Ruby on Rails 'redirect_to()' HTTP Header Injection Vulnerability

Bugtraq ID: 32359
Class: Input Validation Error
CVE: CVE-2008-5189
Remote: Yes
Local: No
Published: Oct 19 2008 12:00AM
Updated: Apr 13 2015 09:14PM
Credit: This issue was disclosed by the vendor.
Vulnerable: SuSE SUSE Linux Enterprise Server 10
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
Ruby on Rails Ruby on Rails 2.0.4
Not Vulnerable: Ruby on Rails Ruby on Rails 2.0.5


 

Privacy Statement
Copyright 2010, SecurityFocus