ADVISORIES

• OSVDB-108585
• Vendor Advisory

GEM

lingq

PATCHED VERSIONS

None.

DESCRIPTION

lingq Gem for Ruby contains a flaw in client.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands.

RELATED

• https://www.versioneye.com/Ruby/lingq/0.3.1
• http://www.vapid.dhs.org/advisories/lingq-0.3.1.html
• http://www.vapidlabs.com/advisory.php?v=71
• http://osvdb.org/show/osvdb/108585