PublicDate: 2006-12-06 19:28:00 UTC
Candidate: CVE-2006-6303
References:
 https://ubuntu.com/security/notices/USN-394-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6303
Description:
 The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not
 properly detect boundaries in MIME multipart content, which allows remote
 attackers to cause a denial of service (infinite loop) via crafted HTTP
 requests, a different issue than CVE-2006-5467.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
upstream_ruby1.8: released (1.8.6)
dapper_ruby1.8: released (1.8.4-1ubuntu1.3)
edgy_ruby1.8: released (1.8.4-5ubuntu1.2)
feisty_ruby1.8: released (1.8.5-4ubuntu2)
devel_ruby1.8: not-affected