10 matches found
EUVD-2017-0250
Malware in sbrugna...
GHSA-HGMW-X865-HF9X Arabic Prawn allows remote attackers to execute arbitrary commands via shell metacharacters
lib/stringutfsupport.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 downloadedfile or 2 url variable...
Arabic Prawn allows remote attackers to execute arbitrary commands via shell metacharacters
lib/stringutfsupport.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 downloadedfile or 2 url variable...
Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem
Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Author: Larry W. Cashdollar, @larry0 Download Site: http://rubygems.org/gems/Arabic-Prawn CVE: 2014-2322 Date: 12/17/2013 In Arabic-Prawn-0.0.1/lib/stringutfsupport.rb, the following lines pass unsanitized input to the shell. 426 var ...
CVE-2014-2322
lib/stringutfsupport.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 downloadedfile or 2 url variable...
Code injection
lib/stringutfsupport.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 downloadedfile or 2 url variable...
CVE-2014-2322
lib/stringutfsupport.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 downloadedfile or 2 url variable...
Ruby Gem Arabic Prawn 0.0.1 Command Injection Vulnerability
Arabic Prawn Ruby gem version 0.0.1 suffers from a remote command injection vulnerability. Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Author: Larry W. Cashdollar, @larry0 Download Site: http://rubygems.org/gems/Arabic-Prawn CVE: 2014-2322 Date: 12/17/2013 In...
Ruby Gem Arabic Prawn 0.0.1 Command Injection
Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Author: Larry W. Cashdollar, @larry0 Download Site: http://rubygems.org/gems/Arabic-Prawn CVE: 2014-2322 Date: 12/17/2013 In Arabic-Prawn-0.0.1/lib/stringutfsupport.rb, the following lines pass unsanitized input to the shell. 426 var ...
Arabic Prawn Gem for Ruby lib/string_utf_support.rb User Input Handling Remote Command Injection
Arabic Prawn Gem for Ruby contains a flaw in the lib/stringutfsupport.rb file. The issue is due to the program failing to sanitize user input. This may allow a remote attacker to inject arbitrary commands. "lib/stringutfsupport.rb" in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to...