IBM Security Bulletin: Vulnerability in Ruby on Rails affects IBM Endpoint Manager for Security Configuration Management (CVE-2014-7829)

Ruby on Rails could allow a remote attacker to obtain sensitive information, caused by an information leak in Action Pack. By sending a specially crafted request, a remote attacker could exploit this vulnerability to determine if a file exists on the...

from IBM Product Security Incident Response Team http://ift.tt/1IQ4e5I