Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-0752

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname.

Published

2016-02-16T02:59:06.783

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-22
Type: Secondary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rubyonrails	rails	< 3.2.22.1	Yes
Application	rubyonrails	rails	< 4.1.14.1	Yes
Application	rubyonrails	rails	< 4.2.5.1	Yes
Application	rubyonrails	rails	5.0.0	Yes
Operating System	opensuse	leap	42.1	Yes
Operating System	opensuse	opensuse	13.2	Yes
Operating System	suse	linux_enterprise_module_for_containers	12	Yes
Operating System	debian	debian_linux	8.0	Yes
Application	redhat	software_collections	1.0	Yes

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html Permissions Required ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html Permissions Required ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html Mailing List, Third Party Advisory ([email protected])
http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html Mailing List, Third Party Advisory ([email protected])
http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html Mailing List, Third Party Advisory ([email protected])
http://rhn.redhat.com/errata/RHSA-2016-0296.html Third Party Advisory ([email protected])
http://www.debian.org/security/2016/dsa-3464 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2016/01/25/13 Exploit, Mailing List ([email protected])
http://www.securityfocus.com/bid/81801 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1034816 Broken Link, Third Party Advisory, VDB Entry ([email protected])
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ Broken Link ([email protected])
https://www.exploit-db.com/exploits/40561/ Exploit, Third Party Advisory, VDB Entry ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178044.html Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178069.html Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00034.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2016-0296.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2016/dsa-3464 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2016/01/25/13 Exploit, Mailing List (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/81801 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1034816 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/335P1DcLG00/JXcBnTtZEgAJ Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/40561/ Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)