exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2013-0276

Status Candidate

Overview

ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.

Related Files

Gentoo Linux Security Advisory 201412-28
Posted Dec 15, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-28 - Multiple vulnerabilities were found in Ruby on Rails, the worst of which allowing for execution of arbitrary code. Versions less than 2.3.18 are affected.

tags | advisory, arbitrary, vulnerability, ruby
systems | linux, gentoo
advisories | CVE-2010-3933, CVE-2011-0446, CVE-2011-0447, CVE-2011-0448, CVE-2011-0449, CVE-2011-2929, CVE-2011-2930, CVE-2011-2931, CVE-2011-2932, CVE-2011-3186, CVE-2013-0155, CVE-2013-0156, CVE-2013-0276, CVE-2013-0277, CVE-2013-0333, CVE-2013-1854, CVE-2013-1855, CVE-2013-1856, CVE-2013-1857
SHA-256 | 76dc0b7e4c9e8b791f80a766fcc8ca7f6bcd6698fbd68637fd46c0e03c25cb62
Apple Security Advisory 2013-06-04-1
Posted Jun 6, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-06-04-1 - OS X Mountain Lion version 10.8.4 and Security Update 2013-002 is now available and addresses over 30 security issues.

tags | advisory
systems | apple, osx
advisories | CVE-2012-2131, CVE-2012-2333, CVE-2012-4929, CVE-2012-5519, CVE-2013-0155, CVE-2013-0276, CVE-2013-0277, CVE-2013-0333, CVE-2013-0975, CVE-2013-0982, CVE-2013-0983, CVE-2013-0984, CVE-2013-0985, CVE-2013-0986, CVE-2013-0987, CVE-2013-0988, CVE-2013-0989, CVE-2013-0990, CVE-2013-1024, CVE-2013-1854, CVE-2013-1855, CVE-2013-1856, CVE-2013-1857
SHA-256 | 29c85f7c4991f40f099be32dac2f2a9438a7fc5388a3ae3de429d2a6ba9bb431
Red Hat Security Advisory 2013-0686-01
Posted Mar 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0686-01 - Red Hat Subscription Asset Manager acts as a proxy for handling subscription information and software updates on client machines. The latest packages for Subscription Asset Manager include a number of security fixes: When a Subscription Asset Manager instance is created, its configuration script automatically creates an RPM of the internal subscription service CA certificate. However, this RPM incorrectly created the CA certificate with file permissions of 0666. This allowed other users on a client system to modify the CA certificate used to trust the remote subscription server. All administrators are advised to update and deploy the subscription service certificate on all systems which use Subscription Asset Manager as their subscription service.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-6116, CVE-2012-6119, CVE-2013-0256, CVE-2013-0263, CVE-2013-0269, CVE-2013-0276, CVE-2013-1823
SHA-256 | 0963c8e1d61d8ac6df642de01a0698f0b64aa8bfa0d30d87859ee165ddb3111b
Debian Security Advisory 2620-1
Posted Feb 13, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2620-1 - Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development.

tags | advisory, web, vulnerability, ruby
systems | linux, debian
advisories | CVE-2013-0276, CVE-2013-0277
SHA-256 | 73a82326feb90c7df2ca907dd54de6ed3ab855ced8ac50611546bdcb8b144611
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close