Oval Definition:	oval:org.opensuse.security:def:20084094
Revision Date: 2017-09-27 Version: 1 Title: CVE-2008-4094 Description: Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer. Family: unix Class: vulnerability Status: Reference(s): CVE-2008-4094 Platform(s): openSUSE 10.2 openSUSE 10.3 openSUSE 11.0 SUSE Linux Enterprise SDK 10 SP2 Product(s): Definition Synopsis sles10-sp2-sdk is installed AND Package Information rubygem-activerecord-1_14 less than 1.14.4-0.4 OR rubygem-activerecord-2_0 less than 2.0.2-0.4 OR rubygem-activerecord less than 2.0.2-0.4
BACK