what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2009-3009

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.

Related Files

Gentoo Linux Security Advisory 200912-2
Posted Dec 21, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200912-2 - Multiple vulnerabilities have been discovered in Rails, the worst of which leading to the execution of arbitrary SQL statements. Versions less than 2.2.2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2007-5380, CVE-2007-6077, CVE-2008-4094, CVE-2008-7248, CVE-2009-2422, CVE-2009-3009, CVE-2009-3086, CVE-2009-4214
SHA-256 | 16d8e364cfb92aed20ead8b90f7ddfb138996017dcb068bdfb6e381ed4b6eee8
Debian Linux Security Advisory 1887-1
Posted Sep 16, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1887-1 - Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.

tags | advisory, web, xss, ruby
systems | linux, debian
advisories | CVE-2009-3009
SHA-256 | e9db881d48510c6e213b5d71a715500f7af077e97ce065212eede46bfda25193
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close