CVE-2012-2139

2012-07-18T14:55:01
ID CVE-2012-2139
Type cve
Reporter NVD
Modified 2013-10-07T12:18:35

Description

Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.