CVE-2012-6496

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 21-12-2012 01:00

Last modified: - 21-12-2012 01:00

Total changes: - 9

Description

CVE-2012-6496 rubygem-activerecord: find_by_* SQL Injection

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:P/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

None

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

6.4

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=rubygem-actionpack-1 AND versionEndExcluding=3.0.10-11.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-activerecord-1 AND versionEndExcluding=3.0.10-8.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-activesupport-1 AND versionEndExcluding=3.0.10-5.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-actionpack-1 AND versionEndExcluding=3.0.10-11.el6cf

vendor=rhel_sam AND product=1.1 AND version=

AND

product=rubygem-activerecord-1 AND versionEndExcluding=3.0.10-8.el6cf

vendor=rhel_sam AND product=1.1 AND version=

AND

product=rubygem-activesupport-1 AND versionEndExcluding=3.0.10-5.el6cf

vendor=rhel_sam AND product=1.1 AND version=

AND

product=jenkins-0 AND versionEndExcluding=1.498-1.1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=mongodb-0 AND versionEndExcluding=2.0.2-6.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-console-0 AND versionEndExcluding=0.0.13-2.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-broker-0 AND versionEndExcluding=1.0.10-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-broker-util-0 AND versionEndExcluding=1.0.14-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-haproxy-1.4-0 AND versionEndExcluding=1.0.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-ruby-1.8-0 AND versionEndExcluding=1.0.5-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-ruby-1.9-scl-0 AND versionEndExcluding=1.0.5-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-msg-node-mcollective-0 AND versionEndExcluding=1.0.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-node-util-0 AND versionEndExcluding=1.0.7-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-port-proxy-0 AND versionEndExcluding=1.0.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rhc-0 AND versionEndExcluding=1.3.2-1.3.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-activerecord-1 AND versionEndExcluding=3.2.8-2.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-passenger-0 AND versionEndExcluding=3.0.12-21.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-activerecord-1 AND versionEndExcluding=3.0.13-3.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-auth-remote-user-0 AND versionEndExcluding=1.0.4-2.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-common-0 AND versionEndExcluding=1.0.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-console-0 AND versionEndExcluding=1.0.6-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-controller-0 AND versionEndExcluding=1.0.11-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-dns-bind-0 AND versionEndExcluding=1.0.2-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-msg-broker-mcollective-0 AND versionEndExcluding=1.0.4-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-openshift-origin-node-0 AND versionEndExcluding=1.0.10-6.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby-rubygem-activerecord AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-activerecord AND version=

vendor=cloudforms_tools AND product=1

Reference

Keywords

REDHAT

CVE-2012-6496

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.