MidnightBSD

Advisories for herry

CVE-2014-2888 HIGH

lib/sfpagent/bsig.rb in the sfpagent gem before 0.4.15 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the module name in a JSON request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
herry sfpagent 0.1.12
herry sfpagent 0.3.2
herry sfpagent 0.2.9
herry sfpagent 0.4.10
herry sfpagent 0.1.0
herry sfpagent 0.0.1
herry sfpagent 0.4.6
herry sfpagent 0.3.1
herry sfpagent 0.4.5
herry sfpagent 0.2.7
herry sfpagent 0.1.11
herry sfpagent 0.4.2
herry sfpagent 0.1.6
herry sfpagent 0.1.10
herry sfpagent 0.4.3
herry sfpagent 0.1.2
herry sfpagent 0.1.14
herry sfpagent 0.3.10
herry sfpagent 0.1.9
herry sfpagent 0.1.5
herry sfpagent 0.2.2
herry sfpagent 0.3.6
herry sfpagent *
herry sfpagent 0.2.0
herry sfpagent 0.3.7
herry sfpagent 0.3.9
herry sfpagent 0.4.0
herry sfpagent 0.1.3
herry sfpagent 0.1.13
herry sfpagent 0.3.3
herry sfpagent 0.1.1
herry sfpagent 0.3.0
herry sfpagent 0.4.13
herry sfpagent 0.2.3
herry sfpagent 0.2.6
herry sfpagent 0.4.8
herry sfpagent 0.1.4
herry sfpagent 0.4.9
herry sfpagent 0.1.7
herry sfpagent 0.2.10
herry sfpagent 0.4.12
herry sfpagent 0.3.8
herry sfpagent 0.3.5
herry sfpagent 0.2.4
herry sfpagent 0.2.5
herry sfpagent 0.4.7
herry sfpagent 0.4.1
herry sfpagent 0.2.8
herry sfpagent 0.4.11
herry sfpagent 0.3.4
herry sfpagent 0.1.8
herry sfpagent 0.4.4
herry sfpagent 0.2.1