Oval Definition:oval:org.opensuse.security:def:20085189
Revision Date:2017-09-27Version:1
Title:CVE-2008-5189
Description:

CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-5189
Platform(s):openSUSE 10.2
openSUSE 10.3
openSUSE 11.0
SUSE Linux Enterprise SDK 10 SP2
Product(s):
Definition Synopsis
  • sles10-sp2-sdk is installed
  • AND Package Information
  • rubygem-actionpack-1_12 less than 1.12.5-0.4
  • OR rubygem-actionpack-2_0 less than 2.0.2-0.4
  • OR rubygem-actionpack less than 2.0.2-0.4
    • BACK