CVE-2013-1947

kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_image.rb.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:kelly_d._redding:kelredd-pruview:0.3.8:*:*:*:*:*:*:*
cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-04-25 23:55

Updated : 2024-02-04 18:16


NVD link : CVE-2013-1947

Mitre link : CVE-2013-1947

CVE.ORG link : CVE-2013-1947


JSON object : View

Products Affected

ruby-lang

  • ruby

kelly_d._redding

  • kelredd-pruview
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')