RubySec

Providing security resources for the Ruby community

CVE-2013-7086 (webbynode): Webbynode Gem for Ruby notify.rb growlnotify Message Handling Arbitrary Command Execution

GEM

webbynode

SEVERITY

CVSS v2.0: 7.5 (High)

PATCHED VERSIONS

None.

DESCRIPTION

Webbynode Gem for Ruby contains a flaw in notify.rb that is triggered when handling a specially crafted growlnotify message. This may allow a context-dependent attacker to execute arbitrary commands.
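Because the advisory lists no patched versions, any resolved version of the gem in a project's `Gemfile.lock` is affected. The following check is an added example, not RubySec's or the webbynode project's code; the sample lockfile, its version numbers, and the `example-*` gem names are constructed for illustration.

```ruby
# Added example: report Gemfile.lock entries for the gem named in CVE-2013-7086.
# The advisory lists no patched versions, so every resolved version is flagged.
ADVISORY = { gem: "webbynode", cve: "CVE-2013-7086" }.freeze

# Constructed sample lockfile (gem names and versions are made up).
SAMPLE_LOCK = <<'LOCK'
GEM
  remote: https://rubygems.org/
  specs:
    example-deploy-tool (0.1.0)
      webbynode (>= 1.0)
    example-lib (2.0.0)
    webbynode (1.2.3)
      example-lib (>= 1.0)

PLATFORMS
  ruby

DEPENDENCIES
  example-deploy-tool
LOCK

# Returns [{ version:, required_by: [...] }]. An empty required_by means no
# other resolved gem depends on it, i.e. it comes straight from the Gemfile.
def find_affected(lockfile_text, gem_name = ADVISORY[:gem])
  in_specs = false
  current = nil # spec whose dependency lines are currently being read
  versions = []
  parents = []
  lockfile_text.each_line do |raw|
    line = raw.chomp
    if line =~ /\A  specs:\s*\z/
      in_specs = true
    elsif line =~ /\A\S/ || line.empty?
      in_specs = false # new top-level section (PLATFORMS, DEPENDENCIES, ...)
    elsif in_specs && (m = line.match(/\A {4}(\S+) \(([^)]+)\)\z/))
      current = m[1] # resolved spec line: four spaces, name, (version)
      versions << m[2] if current == gem_name
    elsif in_specs && (m = line.match(/\A {6}(\S+)/))
      parents << current if m[1] == gem_name # dependency line under `current`
    end
  end
  versions.uniq.map { |v| { version: v, required_by: parents.uniq } }
end

text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCK
find_affected(text).each do |hit|
  via = hit[:required_by].empty? ? "Gemfile" : hit[:required_by].join(", ")
  puts "#{ADVISORY[:cve]}: #{ADVISORY[:gem]} #{hit[:version]} (via #{via}); no patched version"
end
```

Pass a lockfile path as the first argument to scan a real project; with no argument the script scans the constructed sample.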