exploits , vulnerabilities , articles , Ruby on Rails Form Helpers Unicode String Handling Cross Site Scripting Vulnerability

Title	Ruby on Rails Form Helpers Unicode String Handling Cross Site Scripting Vulnerability
Published	2009-09-04-12:00AM
Updated	2009-09-15-05:31PM
Class	Input Validation Error
CVE	CVE-2009-3009
Remote	Yes
Local	No
Credit	Brian Mastenbrook
Vulnerable	Ruby on Rails Ruby on Rails 2.3.3 Ruby on Rails Ruby on Rails 2.3.2 Ruby on Rails Ruby on Rails 2.2.2 Ruby on Rails Ruby on Rails 2.1.1 Ruby on Rails Ruby on Rails 2.1 Ruby on Rails Ruby on Rails 2.0.5 Ruby on Rails Ruby on Rails 2.0.4 Ruby on Rails Ruby on Rails 2.0 Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia64 Debian Linux 5.0 ia32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0
Not Vulnerable	Ruby on Rails Ruby on Rails 2.3.4 Ruby on Rails Ruby on Rails 2.2.3
Code	Attackers can exploit this issue by enticing an unsuspecting victim into following a malicious URI.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability
2009-12-14 Google Chrome DNS Pre-Fetching Proxy Cache Information Disclosure Vulnerability
2009-12-14 Oracle E-Business Suite Multiple Remote Vulnerabilities
2009-12-14 MySQL Multiple Remote Denial Of Service Vulnerabilities

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Tue, 15 Dec 2009 21:35:25 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
scanner xp news for c videosexo www.xiaoga sania nude champa sri 10.9.0-STA upskirt pi FREE PECTU photoshopc www.dldvb. x flim s-cart wwww.89.co www tamil phil a for india boug sexi girls /search/ex SHATI@YAHO saniyamirz www.av010. asins sex Helpdesk P Katrinasex Keralasexp address ba Youtube sa www tamil saniyamirz 18+movies www.sex me www.asin s avg spywar you porne Actors sex Free video www.kar20. www.sex,ph JAWmail www.fang-d www .vegin p sex php libary www.otbm.c php libary p...inders frre movie www.free-z makemoney.