Ruby multi_xml CVE-2013-0175 Remote Arbitrary Command Execution Vulnerability

The multi_xml for Ruby is prone to a remote arbitrary command-execution vulnerability because it fails to properly validate user-supplied input.

An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application.

multi_xml gem 0.5.1 is vulnerable; other versions may also affected.


 

Privacy Statement
Copyright 2010, SecurityFocus