Details of VAR-201312-0119

ID

VAR-201312-0119

CVE

CVE-2013-4492

TITLE

Ruby for i18n gem of exceptions.rb Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2013-005372

DESCRIPTION

Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationData.new call. RubyGems i18n is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Versions prior to RubyGems i18n 0.6.6, and 0.5.1 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2830-1 security@debian.org http://www.debian.org/security/ Florian Weiemr December 30, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ruby-i18n Vulnerability : cross-site scripting Problem type : remote Debian-specific: no CVE ID : CVE-2013-4492 Peter McLarnan discovered that the internationalization component of Ruby on Rails does not properly encode parameters in generated HTML code, resulting in a cross-site scripting vulnerability. This update corrects the underlying vulnerability in the i18n gem, as provided by the ruby-i18n package. The oldstable distribution (squeeze) is not affected by this problem; the libi18n-ruby package does not contain the vulnerable code. For the stable distribution (wheezy), this problem has been fixed in version 0.6.0-3+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 0.6.9-1. We recommend that you upgrade your ruby-i18n packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJSwfRdAAoJEL97/wQC1SS+xwAH/iI7ga/tjp1b8r//lKu3BBt5 GClsPWVKd9TBEYGHTM2ipskSU9+EDOkt/vhWH9TK2C5BA0eo68b6I2Gg8Z+BQzGa SwfQmnIee/UX3gFi+mRnppyNp1WqAxEXvRNN/1JCiVevZAUEicnUx36xUn7paLIi T+I2iae9LrCrP11XtU0KzNeg3ktt5QOTvOHIjlsdXoDHqT8EzjGalk99qA4fVK0I FU2as0zhN6aZtnivhoIuc4P3u4XYoKhK7R4BL4bwW1KzSr4/LqZ2PAOLRexyWDwV HJdfcR3WyRvpuxQKVFU9XF+agjBhWU98B8BWaC7O7aTsFYpwtHdtRN6PGJgCXUA= =GovW -----END PGP SIGNATURE-----

Trust: 1.98

sources: NVD: CVE-2013-4492 // JVNDB: JVNDB-2013-005372 // BID: 64076 // PACKETSTORM: 124627

AFFECTED PRODUCTS

vendor:	i18n	model:	i18n	scope:	lte	version:	0.6.5	Trust: 1.0
vendor:	sven fuchs	model:	i18n	scope:	lt	version:	0.6.6	Trust: 0.8
vendor:	ruby i18n	model:	i18n	scope:	eq	version:	0.6.5	Trust: 0.6
vendor:	suse	model:	webyast	scope:	eq	version:	1.3	Trust: 0.3
vendor:	suse	model:	studio onsite	scope:	eq	version:	1.3	Trust: 0.3
vendor:	suse	model:	lifecycle management server	scope:	eq	version:	1.3	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	13.1	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	12.3	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	12.2	Trust: 0.3
vendor:	rubygems	model:	i18n	scope:	eq	version:	0.6.5	Trust: 0.3
vendor:	rubygems	model:	i18n	scope:	eq	version:	0.5.0	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	4.0	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.13	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.12	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.11	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.10	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.8	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.7	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.6	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.4	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.12	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.11	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.9	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.8	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.7	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.6	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.5	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.4	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.1	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.0.6	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2.15	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.2	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.0.8	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	eq	version:	3.0.7	Trust: 0.3
vendor:	redhat	model:	software collections for rhel	scope:	eq	version:	0	Trust: 0.3
vendor:	redhat	model:	openstack	scope:	eq	version:	3.0	Trust: 0.3
vendor:	puppetlabs	model:	puppet enterprise	scope:	eq	version:	3.1	Trust: 0.3
vendor:	opscode	model:	chef	scope:	eq	version:	11.1.2	Trust: 0.3
vendor:	ibm	model:	security network protection xgs	scope:	eq	version:	51005.1.1	Trust: 0.3
vendor:	ibm	model:	security network protection xgs	scope:	eq	version:	51005.1	Trust: 0.3
vendor:	ibm	model:	security network protection xgs	scope:	eq	version:	5.1.2	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	6.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	6.0	Trust: 0.3
vendor:	rubygems	model:	i18n	scope:	ne	version:	0.6.6	Trust: 0.3
vendor:	rubygems	model:	i18n	scope:	ne	version:	0.5.1	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	ne	version:	4.0.2	Trust: 0.3
vendor:	ruby	model:	on rails ruby on rails	scope:	ne	version:	3.2.16	Trust: 0.3
vendor:	puppetlabs	model:	puppet enterprise	scope:	ne	version:	3.1.1	Trust: 0.3
vendor:	opscode	model:	chef	scope:	ne	version:	11.1.3	Trust: 0.3

sources: BID: 64076 // JVNDB: JVNDB-2013-005372 // CNNVD: CNNVD-201312-124 // NVD: CVE-2013-4492

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-4492
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-4492
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201312-124
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2013-4492
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

sources: JVNDB: JVNDB-2013-005372 // CNNVD: CNNVD-201312-124 // NVD: CVE-2013-4492

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2013-005372 // NVD: CVE-2013-4492

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201312-124

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 124627 // CNNVD: CNNVD-201312-124

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005372

PATCH

title:	The I18n::MissingTranslation exception escapes key names for its html_message	url:	https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445	Trust: 0.8
title:	[CVE-2013-4491] Reflective XSS Vulnerability in Ruby on Rails	url:	https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ	Trust: 0.8
title:	Rails 3.2.16 and 4.0.2 have been released!	url:	http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/	Trust: 0.8
title:	i18n	url:	http://rubygems.org/gems/i18n	Trust: 0.8
title:	lib-i18n-exceptions.rb	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=46892	Trust: 0.6

sources: JVNDB: JVNDB-2013-005372 // CNNVD: CNNVD-201312-124

EXTERNAL IDS

db:	NVD	id:	CVE-2013-4492	Trust: 2.8
db:	BID	id:	64076	Trust: 1.9
db:	JVNDB	id:	JVNDB-2013-005372	Trust: 0.8
db:	CNNVD	id:	CNNVD-201312-124	Trust: 0.6
db:	PACKETSTORM	id:	124627	Trust: 0.1

sources: BID: 64076 // JVNDB: JVNDB-2013-005372 // PACKETSTORM: 124627 // CNNVD: CNNVD-201312-124 // NVD: CVE-2013-4492

REFERENCES

url:	http://weblog.rubyonrails.org/2013/12/3/rails_3_2_16_and_4_0_2_have_been_released/	Trust: 1.6
url:	https://groups.google.com/forum/message/raw?msg=ruby-security-ann/plrh6duw998/blfeyio4k_ej	Trust: 1.6
url:	http://www.debian.org/security/2013/dsa-2830	Trust: 1.6
url:	https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445	Trust: 1.6
url:	http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html	Trust: 1.6
url:	http://www.securityfocus.com/bid/64076	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4492	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4492	Trust: 0.8
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1039435	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2013-4492	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2017:0320	Trust: 0.6
url:	https://access.redhat.com/errata/rhba-2015:1100	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2018:0380	Trust: 0.6
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1036922	Trust: 0.3
url:	http://www.getchef.com/blog/2014/04/09/chef-server-heartbleed-cve-2014-0160-releases/	Trust: 0.3
url:	http://puppetlabs.com/security/cve/cve-2013-4491	Trust: 0.3
url:	http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/	Trust: 0.3
url:	http://www.rubyonrails.com/	Trust: 0.3
url:	rubygems.org/gems/i18n	Trust: 0.3
url:	https://rhn.redhat.com/errata/rhsa-2014-0008.html	Trust: 0.3
url:	https://rhn.redhat.com/errata/rhsa-2013-1794.html	Trust: 0.3
url:	http://www-01.ibm.com/support/docview.wss?uid=swg21665279	Trust: 0.3
url:	https://www.suse.com/support/update/announcement/2014/suse-su-20140734-1.html	Trust: 0.3
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	http://www.debian.org/security/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2013-4492	Trust: 0.1

sources: BID: 64076 // JVNDB: JVNDB-2013-005372 // PACKETSTORM: 124627 // CNNVD: CNNVD-201312-124 // NVD: CVE-2013-4492

CREDITS

Peter McLarnan of Matasano Security.

Trust: 0.3

sources: BID: 64076

SOURCES

db:	BID	id:	64076
db:	JVNDB	id:	JVNDB-2013-005372
db:	PACKETSTORM	id:	124627
db:	CNNVD	id:	CNNVD-201312-124
db:	NVD	id:	CVE-2013-4492

LAST UPDATE DATE

2024-08-14T12:34:16.237000+00:00

SOURCES UPDATE DATE

db:	BID	id:	64076	date:	2015-04-13T21:56:00
db:	JVNDB	id:	JVNDB-2013-005372	date:	2013-12-10T00:00:00
db:	CNNVD	id:	CNNVD-201312-124	date:	2023-04-14T00:00:00
db:	NVD	id:	CVE-2013-4492	date:	2023-02-13T04:47:02.933

SOURCES RELEASE DATE

db:	BID	id:	64076	date:	2013-12-03T00:00:00
db:	JVNDB	id:	JVNDB-2013-005372	date:	2013-12-10T00:00:00
db:	PACKETSTORM	id:	124627	date:	2013-12-31T14:01:56
db:	CNNVD	id:	CNNVD-201312-124	date:	2013-12-09T00:00:00
db:	NVD	id:	CVE-2013-4492	date:	2013-12-07T00:55:03.663