Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2016-2098
Beschreibung:Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.807704   1.3.6.1.4.1.25623.1.0.851240   1.3.6.1.4.1.25623.1.0.807706   1.3.6.1.4.1.25623.1.0.703509   1.3.6.1.4.1.25623.1.0.809353   1.3.6.1.4.1.25623.1.0.809352  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2016-2098
BugTraq ID: 83725
http://www.securityfocus.com/bid/83725
Debian Security Information: DSA-3509 (Google Search)
http://www.debian.org/security/2016/dsa-3509
https://www.exploit-db.com/exploits/40086/
https://groups.google.com/forum/message/raw?msg=rubyonrails-security/ly-IH-fxr_Q/WLoOhcMZIAAJ
http://www.securitytracker.com/id/1035122
SuSE Security Announcement: SUSE-SU-2016:0854 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00083.html
SuSE Security Announcement: SUSE-SU-2016:0867 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00086.html
SuSE Security Announcement: SUSE-SU-2016:0967 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00006.html
SuSE Security Announcement: SUSE-SU-2016:1146 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html
SuSE Security Announcement: openSUSE-SU-2016:0790 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00057.html
SuSE Security Announcement: openSUSE-SU-2016:0835 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00080.html




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.