CVE-2013-1911
The CVE refers to the Ruby Gem ldoce (0.0.2). It explains that lib/ldoce/word.rb accepts an mp3 URL or filename and, if it contains shell metacharacters, can lead to remote command execution. The issue is triggered during handling of MP3 URLs/filenames, potentially allowing an attacker to run arb...