CVE-2012-2140

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 14-03-2012 01:00

Last modified: - 14-03-2012 01:00

Total changes: - 7

Description

CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

Low

Confidentiality

Low

Integrity

-

Privileges required

-

Scope

-

User interaction

7.5

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=converge-ui-devel-0 AND versionEndExcluding=1.0.4-1.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=puppet-0 AND versionEndExcluding=2.6.17-2.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-actionpack-1 AND versionEndExcluding=3.0.10-10.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-activerecord-1 AND versionEndExcluding=3.0.10-6.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-activesupport-1 AND versionEndExcluding=3.0.10-4.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-chunky_png-0 AND versionEndExcluding=1.2.0-3.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-compass-0 AND versionEndExcluding=0.11.5-2.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-compass-960-plugin-0 AND versionEndExcluding=0.10.4-2.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-delayed_job-0 AND versionEndExcluding=2.1.4-2.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-ldap_fluff-0 AND versionEndExcluding=0.1.3-1.el6_3

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-mail-0 AND versionEndExcluding=2.3.0-3.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-net-ldap-0 AND versionEndExcluding=0.1.1-3.el6cf

vendor=cloudforms_cloudengine AND product=1 AND version=

AND

product=rubygem-mail AND version=

vendor=cloudforms_tools AND product=1

AND

product=rubygem-mail AND version=

vendor=rhel_sam AND product=1

Reference

Keywords

REDHAT

CVE-2012-2140

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.