Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 up to and including 1.1.5 allows remote malicious users to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rubyonrails rails 1.1.0 |
||
rubyonrails rails 1.1.1 |
||
rubyonrails rails 1.1.2 |
||
rubyonrails rails 1.1.3 |
||
rubyonrails rails 1.1.4 |