Oval Definition:oval:com.ubuntu.precise:def:20160751000
Revision Date:2016-02-15Version:1
Title:CVE-2016-0751 on Ubuntu 12.04 LTS (precise) - medium.
Description:actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-0751
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'rails' package in precise is not affected (note: 'contains no code').
  • OR The 'ruby-actionpack-2.3' package in precise is affected and needs fixing.
  • OR NOT While related to the CVE in some way, the 'ruby-activerecord-2.3' package in precise is not affected.
  • OR NOT While related to the CVE in some way, the 'ruby-activesupport-2.3' package in precise is not affected.
  • OR NOT While related to the CVE in some way, the 'ruby-rails-2.3' package in precise is not affected.
  • BACK