CVE-2013-2616
lib/mini_magick.rb in the MiniMagick Gem 1.3.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
| Software | From | Fixed in |
|---|---|---|
| rubygems / mini_magick | 1.3.1 | 1.3.1.x |
mini_magick
|
- | 3.6.0 |
- http://packetstormsecurity.com/files/120777/Ruby-Gem-Minimagic-Command-Execution.html
- http://seclists.org/fulldisclosure/2013/Mar/123
- http://www.openwall.com/lists/oss-security/2013/03/19/9
- http://www.osvdb.org/91231
- http://www.securityfocus.com/bid/58448
- https://web.archive.org/web/20130315095512/http://www.securityfocus.com/bid/58448
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime