Sha256: 5c6e4d7978365eeb97f5b47f0484b632e96ad537f6e6c1c880b1b74d9dd071c2
Contents?: true
Size: 547 Bytes
Versions: 9
Compression:
Stored size: 547 Bytes
Contents
--- gem: karteek-docsplit cve: 2013-1933 osvdb: 92117 url: http://osvdb.org/show/osvdb/92117 title: Karteek Docsplit Gem for Ruby text_extractor.rb File Name Shell Metacharacter Injection Arbitrary Command Execution date: 2013-04-08 description: Karteek Docsplit Gem for Ruby contains a flaw that is due to the program failing to properly sanitize input passed to text_extractor.rb. With a specially crafted file name that contains shell metacharacters, a context-dependent attacker can execute arbitrary commands cvss_v2: 9.3 patched_versions:
Version data entries
9 entries across 9 versions & 2 rubygems