Lucene search
GitHub Advisory DatabaseGHSA-RFMF-RX8W-935WHistoryOct 24, 2017 - 6:33 p.m.
Sounder Contains Arbitrary Command Execution Vulnerability
2017-10-2418:33:37
CWE-94
GitHub Advisory Database
github.com
25
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.004
Percentile
75.1%
lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
Affected configurations
Node
sounderRange<1.0.2
Related
cvelist
cvelist
CVE-2013-5647
2013-08-29 10:00:00
rubygems
rubygems
Sounder Gem for Ruby File Name Handling Arbitrary Command Execution
2013-08-13 20:00:00
cve
cve
CVE-2013-5647
2013-08-29 12:07:56
nvd
nvd
CVE-2013-5647
2013-08-29 12:07:56
osv
osv
Sounder Contains Arbitrary Command Execution Vulnerability
2017-10-24 18:33:37
prion
prion
Code injection
2013-08-29 12:07:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.004
Percentile
75.1%
Related for GHSA-RFMF-RX8W-935W