exploits , vulnerabilities , articles , Ruby on Rails Form Helpers Unicode String Handling Cross Site Scripting Vulnerability

Title	Ruby on Rails Form Helpers Unicode String Handling Cross Site Scripting Vulnerability
Published	2009-09-04-12:00AM
Updated	2009-09-15-05:31PM
Class	Input Validation Error
CVE	CVE-2009-3009
Remote	Yes
Local	No
Credit	Brian Mastenbrook
Vulnerable	Ruby on Rails Ruby on Rails 2.3.3 Ruby on Rails Ruby on Rails 2.3.2 Ruby on Rails Ruby on Rails 2.2.2 Ruby on Rails Ruby on Rails 2.1.1 Ruby on Rails Ruby on Rails 2.1 Ruby on Rails Ruby on Rails 2.0.5 Ruby on Rails Ruby on Rails 2.0.4 Ruby on Rails Ruby on Rails 2.0 Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia64 Debian Linux 5.0 ia32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0
Not Vulnerable	Ruby on Rails Ruby on Rails 2.3.4 Ruby on Rails Ruby on Rails 2.2.3
Code	Attackers can exploit this issue by enticing an unsuspecting victim into following a malicious URI.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-04 Achievo Document Types Section Arbitrary File Upload Vulnerability
2009-12-04 Achievo Scheduler Category HTML Injection Vulnerability
2009-12-04 Yoast Google Analytics for WordPress Plugin 404 Error Page Cross Site Scripting Vulnerability
2009-12-04 DevIL DICOM File Handling Remote Buffer Overflow Vulnerability
2009-12-04 Invision Power Board Local File Include and SQL Injection Vulnerabilities
2009-12-04 Mozilla Firefox Yoono Extension DOM Event Handler Cross Domain Scripting Vulnerability
2009-12-04 UBB.threads Multiple File Include Vulnerabilities
2009-12-04 Expat Unspecified XML Parsing Remote Denial of Service Vulnerability
2009-12-04 Apple Mac OS X Java Applet Certificate Validation Security Bypass Vulnerability
2009-12-04 QEMU Virtio Networking Remote Denial of Service Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Mon, 07 Dec 2009 13:16:15 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
News...esu Www.game.c Sxs Bkchr Naruto se adult movi bollywod sex pictur www.aseans IceWarp We News Searc PINKWORID phpBB por XDOMAIN.bl Uderagenak http://sec Gambar mem Indian sex indiansexy www.eva ra Netopia Ti www.gznoni www.ppman. access vio chm asean sex porn vedio cad163.net www.worlds www.36688. F.Nayantar www.ynzql. NEWSPAPER compiz ssh news for c 76tao.jimd 25j.cn CMS is Fre NEHARAPHOT naked biki sex vidos remot fiel 05278.net Sextevideo digital www.taomd. cum sex news for c sex f ilm web mail h