CVE-2011-0449

Severity: High

Description

actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters.

References

http://www.vupen.com/english/advisories/2011/0877

http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4

http://securitytracker.com/id?1025061

http://secunia.com/advisories/43278

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html

http://groups.google.com/group/rubyonrails-security/msg/04345b2e84df5b4f?dmode=source&output=gplain

Details

Source: Mitre, NVD

Published: 2011-02-21

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Severity: High