Lucene search
RubySecRUBY:MAIL-2012-2140-81632HistoryMar 13, 2012 - 8:00 p.m.
CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline
2012-03-1320:00:00
RubySec
rubysec.com
4
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
86.1%
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute
arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
References
Related
osv
osv
Mail Gem Improper Input Validation vulnerability
2017-10-24 18:33:38
nvd
nvd
CVE-2012-2140
2012-07-18 18:55:01
prion
prion
Code injection
2012-07-18 18:55:00
cvelist
cvelist
CVE-2012-2140
2012-07-18 18:00:00
github
github
Mail Gem Improper Input Validation vulnerability
2017-10-24 18:33:38
debiancve
debiancve
CVE-2012-2140
2012-07-18 18:55:01
cve
cve
CVE-2012-2140
2012-07-18 18:55:01
openvas
openvas
Fedora Update for rubygem-mail FEDORA-2012-7692
2012-05-22 00:00:00
Fedora Update for rubygem-actionmailer FEDORA-2012-7692
2012-05-22 00:00:00
FreeBSD Ports: rubygem-mail
2012-05-31 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: rubygem-actionmailer-3.0.10-2.fc16
2012-05-19 06:58:39
[SECURITY] Fedora 17 Update: rubygem-actionmailer-3.0.11-2.fc17
2012-05-26 06:47:52
[SECURITY] Fedora 15 Update: rubygem-actionmailer-3.0.5-3.fc15
2012-05-19 06:58:09
freebsd
freebsd
rubygem-mail -- multiple vulnerabilities
2012-03-14 00:00:00
nessus
nessus
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
86.1%
Related for RUBY:MAIL-2012-2140-81632