Back to search
CVE-2013-4389
Published: Oct 17, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-2887
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2014:0009
vendor-advisory
x_refsource_SUSE
[ruby-security-ann] 20131016 Possible DoS Vulnerability in Action Mailer (CVE-2013-4389)
mailing-list
x_refsource_MLIST
openSUSE-SU-2013:1931
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:1928
vendor-advisory
x_refsource_SUSE
DSA-2888
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now