CVE-2013-4478 (sup): Sup MUA Email Attachment Content Type Handling Arbitrary Command Execution

October 29th, 2013

ADVISORIES

CVE-2013-4478 (NVD)
OSVDB-99074
Vendor Advisory

GEM

sup

SEVERITY

CVSS v2.0: 6.8 (Medium)

PATCHED VERSIONS

~> 0.13.2.1
>= 0.14.1.1

DESCRIPTION

Sup MUA contains a flaw that is triggered when handling email attachment content. This may allow a context-dependent attacker to execute arbitrary commands.

RubySec

CVE-2013-4478 (sup): Sup MUA Email Attachment Content Type Handling Arbitrary Command Execution

ADVISORIES

GEM

SEVERITY

PATCHED VERSIONS

DESCRIPTION

Recent Advisories