Описание
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.1.2-1ubuntu0.1 |
| devel | not-affected | |
| edgy | not-affected | |
| feisty | not-affected | |
| gutsy | not-affected | |
| upstream | released | 1.1.5 |
Показывать по
10
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
nvd
больше 19 лет назад
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.
debian
больше 19 лет назад
Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby cod ...
7.5 High
CVSS2