CVE-2006-4111: Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that…

CVE-2006-4112 [HIGH] Rails Denial of Service vulnerability Rails Denial of Service vulnerability Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.

CVE-2006-4111 [HIGH] CWE-94 Ruby on Rails vulnerable to code injection Ruby on Rails vulnerable to code injection Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.

CVE-2006-4111 [HIGH] Ruby on Rails vulnerable to code injection Ruby on Rails vulnerable to code injection Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.

CVE-2006-4112 [HIGH] Rails Denial of Service vulnerability Rails Denial of Service vulnerability Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.

CVE-2006-4112 [HIGH] CVE-2006-4112: Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1 Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111.

CVE-2006-4111 [HIGH] CVE-2006-4111: Ruby on Rails before 1 Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112.

CVE-2006-4112 [HIGH] CVE-2006-4112: rails - Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Ra... Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service (application hang) or "data loss," a different vulnerability than CVE-2006-4111. Scope: local bookworm: resolved (fixed in 1.1.6-1) bullseye: resolved (fixed in 1.1.6-1) forky: resolved (fixed in 1.1.6-1) sid: resolved (fixed in 1.1.6-1) trixie: resolved (fixed in 1.1.6-1)

CVE-2006-4111 [HIGH] CVE-2006-4111: rails - Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "se... Ruby on Rails before 1.1.5 allows remote attackers to execute Ruby code with "severe" or "serious" impact via a File Upload request with an HTTP header that modifies the LOAD_PATH variable, a different vulnerability than CVE-2006-4112. Scope: local bookworm: resolved (fixed in 1.1.5-1) bullseye: resolved (fixed in 1.1.5-1) forky: resolved (fixed in 1.1.5-1) sid: resolved (fixed in 1.1.5-1) trixie: resolved (fixed in 1.1.5-1)