Ruby on Rails Security Bypass and SQL Injection Vulnerabilities

Bugtraq ID: 46292
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2011-0448
CVE-2011-0449
Remote: Yes
Local: No
Published: Feb 09 2011 12:00AM
Updated: Apr 13 2015 09:59PM
Credit: Jan M. Faber, supersaas and Eaden McKee, Webforce Ltd
Vulnerable: Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Gentoo Linux
Not Vulnerable: Ruby on Rails Ruby on Rails 3.0.4


 

Privacy Statement
Copyright 2010, SecurityFocus