Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-5647
cve-2013-5647
sounder gem
remote attackers
arbitrary commands
shell metacharacters
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.9%
lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
Affected configurations
Node
adam_zaninovichsounderMatch1.0.1
ruby-langruby
| CPE | Name | Operator | Version |
|---|---|---|---|
| adam_zaninovich:sounder | adam zaninovich sounder | eq | 1.0.1 |
Related
cvelist
cvelist
CVE-2013-5647
2022-10-03 16:14:56
prion
prion
Code injection
2013-08-29 12:07:00
nvd
nvd
CVE-2013-5647
2013-08-29 12:07:56
osv
osv
Sounder Contains Arbitrary Command Execution Vulnerability
2017-10-24 18:33:37
github
github
Sounder Contains Arbitrary Command Execution Vulnerability
2017-10-24 18:33:37
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.9%
Related for CVE-2013-5647