Lucene search
K

5 matches found

securityvulns
securityvulns
added 2014/05/04 12:0 a.m.63 views

Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem

Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Author: Larry W. Cashdollar, @larry0 Download Site: http://rubygems.org/gems/Arabic-Prawn CVE: 2014-2322 Date: 12/17/2013 In Arabic-Prawn-0.0.1/lib/stringutfsupport.rb, the following lines pass unsanitized input to the shell. 426 var ...

7.5AI score
Exploits0
CVE
CVE
added 2014/05/02 2:0 p.m.72 views

CVE-2014-2322

CVE-2014-2322 affects the Arabic Prawn Ruby gem (version 0.0.1). The vulnerability is in lib/string_utf_support.rb, where unsanitized user input is passed to the shell, allowing remote command execution via shell metacharacters in the downloaded_file or url variables. This is a remote command inj...

7.5CVSS7.7AI score0.02188EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2014/05/02 2:0 p.m.25 views

CVE-2014-2322

lib/stringutfsupport.rb in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 downloadedfile or 2 url variable...

7.6AI score0.02188EPSS
Exploits3References3
0day.today
0day.today
added 2014/03/13 12:0 a.m.53 views

Ruby Gem Arabic Prawn 0.0.1 Command Injection Vulnerability

Arabic Prawn Ruby gem version 0.0.1 suffers from a remote command injection vulnerability. Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Author: Larry W. Cashdollar, @larry0 Download Site: http://rubygems.org/gems/Arabic-Prawn CVE: 2014-2322 Date: 12/17/2013 In...

7.5CVSS0.7AI score0.02188EPSS
Exploits3
Packet Storm
Packet Storm
added 2014/03/12 12:0 a.m.45 views

Ruby Gem Arabic Prawn 0.0.1 Command Injection

Title: Remote Command Injection in Arabic Prawn 0.0.1 Ruby Gem Author: Larry W. Cashdollar, @larry0 Download Site: http://rubygems.org/gems/Arabic-Prawn CVE: 2014-2322 Date: 12/17/2013 In Arabic-Prawn-0.0.1/lib/stringutfsupport.rb, the following lines pass unsanitized input to the shell. 426 var ...

7.5CVSS0.5AI score0.02188EPSS
Exploits3
Rows per page
Query Builder