OSVDB-106954 (quick_magick): quick_magick Gem for Ruby QuickMagick::Image.read Function Crafted String Handling Remote Command Injection

January 12th, 2011

ADVISORIES

OSVDB-106954
Vendor Advisory

GEM

PATCHED VERSIONS

None.

DESCRIPTION

quick_magick Gem for Ruby contains a flaw in the QuickMagick::Image.read function. The issue is triggered when handling a specially crafted string. This may allow a remote attacker to inject arbitrary commands.

https://security.snyk.io/vuln/SNYK-RUBY-QUICKMAGICK-20012
http://osvdb.org/show/osvdb/106954

RubySec

OSVDB-106954 (quick_magick): quick_magick Gem for Ruby QuickMagick::Image.read Function Crafted String Handling Remote Command Injection

ADVISORIES

GEM

PATCHED VERSIONS

DESCRIPTION

RELATED

Recent Advisories