Vulnerability CVE-2016-0752

Vulnerability Name:

CVE-2016-0752 (CCN-110106)

Assigned:

2015-12-16

Published:

2016-01-25

Updated:

2019-08-08

Summary:

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
7.0 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-22

Vulnerability Consequences:

Obtain Information

References:

Vulnerable Configuration:

Configuration 1:

cpe:/a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.9:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.0.10:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.1.14:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:* (Version <= 3.2.22)

OR cpe:/a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:rubyonrails:rails:3.0.0:-:*:*:*:*:*:*

AND

cpe:/a:ibm:license_metric_tool:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:license_metric_tool:9.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:license_metric_tool:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:license_metric_tool:9.2:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20160752	V	CVE-2016-0752	2022-05-22
oval:org.opensuse.security:def:55255	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:55938	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:13899	P	libfreetype6-2.6.3-7.8.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13992	P	openvpn-2.3.8-16.6.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14061	P	xen-4.7.0_12-23.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14017	P	python-libxml2-2.9.4-27.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14072	P	yast2-users-3.1.57-16.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14745	P	python-doc-2.7.13-28.11.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14085	P	apache2-mod_jk-1.2.40-5.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14723	P	pam_ssh-2.0-1.39 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13816	P	evince-3.20.1-5.66 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13863	P	libHX28-3.18-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13880	P	libXtst6-1.2.2-3.59 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:38206	P	Security update for libsndfile (Critical)	2021-07-27
oval:org.opensuse.security:def:38116	P	Security update for curl (Moderate)	2021-06-30
oval:org.opensuse.security:def:38425	P	Security update for SUSE Manager Client Tools (Important)	2021-06-21
oval:org.opensuse.security:def:13726	P	squid-3.3.13-4.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13718	P	rsyslog-8.4.0-8.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13748	P	wpa_supplicant-2.2-8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:38366	P	Security update for xorg-x11-server (Important)	2021-04-13
oval:org.opensuse.security:def:39265	P	Security update for openldap2 (Important)	2021-03-04
oval:org.opensuse.security:def:55772	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:55115	P	gdk-pixbuf-loader-rsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27649	P	Security update for lighttpd	2020-12-01
oval:org.opensuse.security:def:55092	P	dia on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27561	P	rubygem-rack-1_4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38059	P	rzsz on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56616	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27663	P	Security update for rubygem-actionpack-2_1	2020-12-01
oval:org.opensuse.security:def:26943	P	libcap-progs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27610	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:26931	P	krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28380	P	Security update for rubygem-actionpack-3_2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:55493	P	Security update for webkitgtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:27707	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:27007	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26932	P	krb5-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55666	P	Security update for java-1_7_0-openjdk (Critical)	2020-12-01
oval:org.opensuse.security:def:28345	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:27135	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38474	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27216	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38513	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37726	P	apache-commons-beanutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27273	P	procmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38541	P	apache-commons-beanutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37737	P	autofs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56423	P	Security update for systemd (Moderate)	2020-12-01
oval:org.opensuse.security:def:37725	P	ant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56223	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:27357	P	ImageMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38585	P	ecryptfs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37821	P	ibus-chewing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56497	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:55093	P	dnsmasq on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56331	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27508	P	libxslt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39223	P	openconnect on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37958	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56535	P	Security update for openssl (Moderate)	2020-12-01
oval:com.ubuntu.bionic:def:201607520000000	V	CVE-2016-0752 on Ubuntu 18.04 LTS (bionic) - medium.	2016-02-16
oval:com.ubuntu.xenial:def:201607520000000	V	CVE-2016-0752 on Ubuntu 16.04 LTS (xenial) - medium.	2016-02-16
oval:com.ubuntu.disco:def:201607520000000	V	CVE-2016-0752 on Ubuntu 19.04 (disco) - medium.	2016-02-16
oval:com.ubuntu.cosmic:def:201607520000000	V	CVE-2016-0752 on Ubuntu 18.10 (cosmic) - medium.	2016-02-15
oval:com.ubuntu.artful:def:20160752000	V	CVE-2016-0752 on Ubuntu 17.10 (artful) - medium.	2016-02-15
oval:com.ubuntu.trusty:def:20160752000	V	CVE-2016-0752 on Ubuntu 14.04 LTS (trusty) - medium.	2016-02-15
oval:com.ubuntu.bionic:def:20160752000	V	CVE-2016-0752 on Ubuntu 18.04 LTS (bionic) - medium.	2016-02-15
oval:com.ubuntu.xenial:def:20160752000	V	CVE-2016-0752 on Ubuntu 16.04 LTS (xenial) - medium.	2016-02-15
oval:com.ubuntu.cosmic:def:20160752000	V	CVE-2016-0752 on Ubuntu 18.10 (cosmic) - medium.	2016-02-15
oval:com.ubuntu.precise:def:20160752000	V	CVE-2016-0752 on Ubuntu 12.04 LTS (precise) - medium.	2016-02-15

BACK