sprout Gem for Ruby archive_unpacker.rb unpack_zip() Function Multiple Parameter Arbitrary Code Execution
Published: December 02, 2013
SECURITY IDENTIFIERS
- CVE: CVE-2013-6421 (NVD)
- GHSA: GHSA-229r-pqp6-8w6g
- OSVDB: OSVDB-100598
GEM
SEVERITY
CVSS v2.0: 7.5 (High)
UNAFFECTED VERSIONS
< 0.7.246
PATCHED VERSIONS
None available.
DESCRIPTION
sprout Gem for Ruby contains a flaw in the unpack_zip() function in archive_unpacker.rb. The issue is due to the program failing to properly sanitize input passed via the 'zip_file', 'dir', 'zip_name', and 'output' parameters. This may allow a context-dependent attacker to execute arbitrary code.