Arbitrary Command Execution Vulnerability in kelredd-pruview Gem 0.3.8

Arbitrary Command Execution Vulnerability in kelredd-pruview Gem 0.3.8

CVE-2013-1947 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_image.rb.

Learn more about our Web Application Penetration Testing UK.