Description
actionpack/lib/action_view/lookup_context.rb in Action View in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to cause a denial of service (memory consumption) via a header containing an invalid MIME type that leads to excessive caching.
Remediation
References
Related Vulnerabilities
WordPress Plugin Welcome Announcement Multiple Cross-Site Scripting Vulnerabilities (1.0.5)
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.25)
WordPress Plugin Sitesassure WP Malware Scanner Cross-Site Scripting (1.0.1)
Apache HTTP Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3185)