The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2006-12-06 11:28
Updated : 2017-10-10 18:31
NVD link : CVE-2006-6303
Mitre link : CVE-2006-6303
JSON object : View
CWE
CWE-399
Resource Management Errors
Products Affected
yukihiro_matsumoto
- ruby