CVE-2012-2140

Published: Jul 18, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=816352

x_refsource_MISC

FEDORA-2012-7535

vendor-advisory

x_refsource_FEDORA

https://github.com/mikel/mail/commit/ac56f03bdfc30b379aeecd4ff317d08fdaa328c2

x_refsource_CONFIRM

[oss-security] 20120425 CVE request: two flaws fixed in rubygem-mail 2.4.4

mailing-list

x_refsource_MLIST

FEDORA-2012-7692

vendor-advisory

x_refsource_FEDORA

https://bugzilla.novell.com/show_bug.cgi?id=759092

x_refsource_MISC

48970

third-party-advisory

x_refsource_SECUNIA

https://github.com/mikel/mail/commit/39b590ddb08f90ddbe445837359a2c8843e533d0

x_refsource_CONFIRM

https://github.com/mikel/mail/blob/9beb079c70d236a5ad2e1ba95b2c977e55deb7af/CHANGELOG.rdoc

x_refsource_CONFIRM

FEDORA-2012-7619

vendor-advisory

x_refsource_FEDORA

[oss-security] 20120425 Re: CVE request: two flaws fixed in rubygem-mail 2.4.4

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-2140

Description

Affected Products

References