OSVDB-106954 (quick_magick): quick_magick Gem for Ruby QuickMagick::Image.read Function Crafted String Handling Remote Command Injection

January 12th, 2011

ADVISORIES

OSVDB-106954

GEM

PATCHED VERSIONS

None.

DESCRIPTION

quick_magick Gem for Ruby contains a flaw in the QuickMagick::Image.read function. The issue is triggered when handling a specially crafted string. This may allow a remote attacker to inject arbitrary commands.

RubySec

OSVDB-106954 (quick_magick): quick_magick Gem for Ruby QuickMagick::Image.read Function Crafted String Handling Remote Command Injection

ADVISORIES

GEM

PATCHED VERSIONS

DESCRIPTION

Recent Advisories