OSVDB-107783 (screen_capture): Screen Capture Gem for Ruby screen_capture.rb URL Handling Arbitrary Command Execution

June 7th, 2014

ADVISORIES

OSVDB-107783
Vendor Advisory

GEM

PATCHED VERSIONS

None.

DESCRIPTION

Screen Capture Gem for Ruby contains a flaw in screen_capture.rb that is triggered when handling input passed via the URL. This may allow a context-dependent attacker to execute arbitrary commands.

https://github.com/jamster/screen_capture/blob/master/lib/screen_capture.rb
http://osvdb.org/show/osvdb/107783

RubySec

OSVDB-107783 (screen_capture): Screen Capture Gem for Ruby screen_capture.rb URL Handling Arbitrary Command Execution

ADVISORIES

GEM

PATCHED VERSIONS

DESCRIPTION

RELATED

Recent Advisories