1 results (0.003 seconds)

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_image.rb. kelredd-pruview v0.3.8 para Ruby permite a atacantes dependientes de contexto ejecutar comandos arbitrarios vía metacaracteres de shell en un argumento de nombre de archivo a (1) document.rb, (2) video.rb, o (3) video_image.rb. • http://www.openwall.com/lists/oss-security/2013/04/10/3 http://www.openwall.com/lists/oss-security/2013/04/12/2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •