OS X security update for Profile Manager (CVE-2016-0751)
|5||(AV:N/AC:L/Au:N/C:N/I:N/A:P)||February 15, 2016||March 28, 2017||October 30, 2017|
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 220.127.116.11, 4.0.x and 4.1.x before 18.104.22.168, 4.2.x before 22.214.171.124, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP Accept header.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!