Ruby on Rails 'implicit render' Functionality Directory Traversal Vulnerability

Bugtraq ID: 67244
Class: Input Validation Error
CVE: CVE-2014-0130
Remote: Yes
Local: No
Published: May 06 2014 12:00AM
Updated: Jul 15 2015 12:32AM
Credit: Ville Lautanala of Flowdock
Vulnerable: Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus