Lucene search
RubySecRUBY:ACTIONMAILER-2013-4389-98629HistoryOct 15, 2013 - 8:00 p.m.
CVE-2013-4389 rubygem-actionmailer: email address processing DoS
2013-10-1520:00:00
RubySec
rubysec.com
21
Multiple format string vulnerabilities in log_subscriber.rb files in
the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15
allow remote attackers to cause a denial of service via a crafted e-mail address
that is improperly handled during construction of a log message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| actionmailer | le | 2.3.1 | |
| actionmailer | ge | 2.4.0 | |
| actionmailer | lt | 3.2.15 |
References
Related
nessus
nessus
prion
prion
Format string
2013-10-17 00:55:00
securityvulns
securityvulns
[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update
2014-05-04 00:00:00
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update
2014-05-04 00:00:00
Ruby Actionpack / Actionmailer multiple security vulnerabilities
2014-05-04 00:00:00
github
github
actionmailer email address processing causes Denial of service
2017-10-24 18:33:37
openvas
openvas
Fedora Update for rubygem-actionmailer FEDORA-2014-0970
2014-01-27 00:00:00
Debian: Security Advisory (DSA-2887-1)
2014-03-26 00:00:00
ubuntucve
ubuntucve
CVE-2013-4389
2013-10-17 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-activesupport-3.2.13-2.fc19
2014-01-24 07:50:26
[SECURITY] Fedora 19 Update: rubygem-actionmailer-3.2.13-2.fc19
2014-01-24 07:50:26
[SECURITY] Fedora 19 Update: rubygem-actionpack-3.2.13-4.fc19
2014-01-24 07:50:26
debian
debian
[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update
2014-03-27 15:03:09
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update
2014-03-27 15:04:16
cve
cve
CVE-2013-4389
2013-10-17 00:55:00
debiancve
debiancve
CVE-2013-4389
2013-10-17 00:55:00
osv
osv
actionmailer email address processing causes Denial of service
2017-10-24 18:33:37
gitlab
gitlab
Possible DoS Vulnerability
2013-10-16 00:00:00
Related for RUBY:ACTIONMAILER-2013-4389-98629