CVE-2011-0448
Ruby on Rails 3.0.x < 3.0.4 - SQL Injection via Non-Numeric Limit Argument
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument. The value passed to limit is interpolated into the generated SQL without being coerced to an integer, so an application that passes a user-controlled value (for example a request parameter used for pagination) straight to limit lets that value reach the query text. Rails 3.0.4 fixes this by sanitizing the limit value before it is placed in the query.
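The following is an added example, not code from the Rails project or from the advisory. It stands in for the affected behaviour (the limit value is interpolated into the SQL text as-is) and places next to it a sanitizer that enforces what the 3.0.4 fix requires: a limit must be an integer, or, for the MySQL-style "offset,count" form, two integers. The function names, the table name and the PAYLOAD string are hypothetical and constructed for the example.

```ruby
# Added example, not code from the Rails project or from the advisory: a
# minimal stand-in for the affected behaviour, in which the value handed to
# limit() was interpolated into the SQL text as-is, next to a sanitizer
# that enforces what the 3.0.4 fix requires (an integer, or for the
# MySQL-style "offset,count" form, two integers). Names are hypothetical.

# Constructed attacker input, e.g. the value of ?limit=... on a paginated
# endpoint that hands params[:limit] straight to limit().
PAYLOAD = "1; DROP TABLE users".freeze

# Affected shape: whatever the caller passed lands in the query verbatim.
def build_query_unsafe(table, limit)
  "SELECT * FROM #{table} LIMIT #{limit}"
end

# Accept an Integer, a digit string, or "digits,digits"; reject everything
# else before any SQL is assembled. Whitespace around the numbers is
# tolerated, and each part is re-parsed with Integer() so only canonical
# digits survive into the query.
def sanitize_limit(limit)
  return limit if limit.is_a?(Integer)
  str = limit.to_s
  unless str =~ /\A\s*\d+\s*(,\s*\d+\s*)?\z/
    raise ArgumentError, "non-numeric LIMIT rejected: #{limit.inspect}"
  end
  str.split(",").map { |part| Integer(part.strip, 10) }.join(",")
end

# Hardened shape: nil means "no LIMIT clause"; anything else is sanitized
# and the query is only built once the value has passed.
def build_query_safe(table, limit)
  return "SELECT * FROM #{table}" if limit.nil?
  "SELECT * FROM #{table} LIMIT #{sanitize_limit(limit)}"
end

if __FILE__ == $0
  puts build_query_unsafe("users", PAYLOAD)   # attacker text reaches the SQL
  puts build_query_safe("users", "10")
  begin
    build_query_safe("users", PAYLOAD)
  rescue ArgumentError => e
    puts "rejected: #{e.message}"
  end
end
```

Whether the injected text in build_query_unsafe actually executes depends on the database and driver (for example on multi-statement support), but the point the sanitizer addresses is upstream of that: attacker-controlled text must never reach the query string at all. This sanitizer is slightly stricter than a plain integer coercion in that it also rejects signed values and exponent notation, which have no meaning in a LIMIT clause.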
References (7)
Patch, mailing list: http://groups.google.com/group/rubyonrails-security/msg/4e19864cf6ad40ad?dmode=source&output=gplain
Vendor advisory, third-party advisory: http://secunia.com/advisories/43278
Third-party advisory, VDB entry: http://securitytracker.com/id?1025063
Mailing list, third-party advisory, vendor advisory: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html
Third-party advisory, VDB entry: http://www.vupen.com/english/advisories/2011/0877
Scores
EPSS: 0.0069 (percentile 72.0%)
Details
CWE: CWE-89 (Improper Neutralization of Special Elements used in an SQL Command, 'SQL Injection')
Status: published
Products (6)
rubygems/activerecord 3.0.0 - 3.0.4 (RubyGems)
rubyonrails/rails 3.0.0 (7 CPE variants)
rubyonrails/rails 3.0.1 (2 CPE variants)
rubyonrails/rails 3.0.2 (2 CPE variants)
rubyonrails/rails 3.0.3
rubyonrails/rails 3.0.4 rc1
Published: Feb 21, 2011
Tracked since: Feb 18, 2026