CVE-2012-2140
Published 2012-07-18
Priority P3 · 52 · high · CVSS 2.0 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EPSS: 4.47% (90.3rd percentile)
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
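Added example in Ruby, not code from the Mail gem or from any of the advisories on this page: the shape of bug the description refers to, an envelope sender and recipient list interpolated into a single command string that is then run through a shell, shown beside two hardened forms. The sendmail path, the function names and the payload are constructed for illustration. Mitigation 1 shell-escapes every attacker-influenced token (Shellwords.escape); mitigation 2 builds an argv array so that no shell is involved at all; a deliberately strict address check rejects metacharacters before they reach a process boundary.

```ruby
# Added example, not the Mail gem's delivery code. SENDMAIL, the function
# names and the payload used in the tests are assumptions for illustration.
require "shellwords"

SENDMAIL = "/usr/sbin/sendmail".freeze # assumed path; only used to build strings/argv

# Vulnerable pattern: recipient and envelope sender are interpolated into one
# string. Handed to IO.popen(String) or `backticks`, that string is parsed by
# /bin/sh, so ";", "|", "$(...)" and friends inside an address become commands.
def vulnerable_command(destinations, envelope_from)
  "#{SENDMAIL} -i -f #{envelope_from} #{destinations.join(' ')}"
end

# Mitigation 1: escape each untrusted token before interpolation. Correct, but it
# still relies on the shell parsing the result exactly as intended.
def escaped_command(destinations, envelope_from)
  escaped = destinations.map { |d| Shellwords.escape(d) }.join(" ")
  "#{SENDMAIL} -i -f #{Shellwords.escape(envelope_from)} #{escaped}"
end

# Mitigation 2 (preferred): return an argv array. IO.popen(Array, "w+") and
# Process.spawn(*argv) exec the binary directly, so nothing is ever interpreted
# by a shell. The "--" terminator stops a recipient that begins with "-" from
# being parsed as a sendmail option.
def hardened_argv(destinations, envelope_from)
  [SENDMAIL, "-i", "-f", envelope_from, "--", *destinations]
end

# Defence in depth: a conservative address grammar. RFC 5322 atext permits
# characters such as backtick, "|" and "$" in the local part, so "RFC-valid" is
# not the same as "safe to pass anywhere near a shell"; this check is stricter
# on purpose and is applied before any process is spawned.
ADDR_RE = /\A[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+\z/

def valid_address?(addr)
  addr.is_a?(String) && addr.match?(ADDR_RE)
end

# Validates every address, then returns the argv to spawn. Raises instead of
# silently dropping or mangling suspicious input.
def deliver_argv(destinations, envelope_from)
  bad = ([envelope_from] + destinations).reject { |a| valid_address?(a) }
  raise ArgumentError, "rejected address(es): #{bad.inspect}" unless bad.empty?
  hardened_argv(destinations, envelope_from)
end

# Hands the message to sendmail using the array form of IO.popen (no shell).
# Not exercised in the tests below because it would spawn a real process.
def deliver!(message, destinations, envelope_from)
  IO.popen(deliver_argv(destinations, envelope_from), "w+") do |io|
    io.write(message)
    io.close_write
  end
end
```

Only the String form of IO.popen, `system("...")` and backticks go through /bin/sh; the Array form and Process.spawn with separate arguments do not, which is why the argv builder is the preferred fix and escaping is the fallback when a string really is required.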
Affected
5 ranges (two rubygems entries carry no version data and are omitted below)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ruby-mail | < ruby-mail 2.4.4-1 (bookworm) | ruby-mail 2.4.4-1 (bookworm) |
| nextcloud | — | >= 0 < 2.4.3 | 2.4.3 |
| rubygems | mail_gem | <= 2.4.1 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_redhat | — | 7.5 | HIGH | — |
Red Hat
vendor_redhat · 2012-03-14 · CVSS 7.5 · HIGH · CWE-78
rubygem-mail: arbitrary command execution when using exim or sendmail from commandline
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Package: rubygem-mail (Red Hat Subscription Asset Manager) - Affected
Debian
vendor_debian · 2012 · CVSS 7.5 · HIGH
CVE-2012-2140: ruby-mail - The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
Scope: local
bookworm: resolved (fixed in 2.4.4-1)
bullseye: resolved (fixed in 2.4.4-1)
forky: resolved (fixed in 2.4.4-1)
sid: resolved (fixed in 2.4.4-1)
trixie: resolved (fixed in 2.4.4-1)
OSV
osv · 2017-10-24 · HIGH
Mail Gem Improper Input Validation vulnerability
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
GHSA
ghsa · 2017-10-24 · HIGH · CWE-20
Mail Gem Improper Input Validation vulnerability
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
OSV
osv · 2012-07-18 · CVSS 7.5 · HIGH
CVE-2012-2140: The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
No detection rules found.
No public exploits indexed.
Bugzilla
bugzilla · 2013-01-03 · CVSS 5.0 · MEDIUM
CVE-2012-2139 rubygem-mail: directory traversal
A flaw was corrected in rubygem-mail version 2.4.4:
A file system traversal in file_delivery method [1].
[1] https://github.com/mikel/mail/commit/29aca25218e4c82991400eb9b0c933626aefc98f
Discussion:
This was previously tracked via bug 816352 along with CVE-2012-2140. The bug was split as explained in bug 816352, comment 13.
Bugzilla
bugzilla · 2012-04-25 · CVSS 5.0 · MEDIUM
CVE-2012-2140 rubygem-mail: arbitrary command execution when using exim or sendmail from commandline
Two flaws were corrected in rubygem-mail version 2.4.4:
A file system traversal in file_delivery method [1].
Arbitrary command execution when using exim or sendmail from the commandline [2],[3].
[1] https://github.com/mikel/mail/commit/29aca25218e4c82991400eb9b0c933626aefc98f
[2] https://github.com/mikel/mail/commit/36b7fa23d38cb59dd79b7efa258ef0e7ddab5a11
[3] https://github.com/mikel/mail/commit/ac56f03bdfc30b379aeecd4ff317d08fdaa328c2
Discussion:
Created rubygem-mail tracking bugs for this issue
Affects: fedora-all [bug 816355]
---
Assigned CVE as per http://www.openwall.com/lists/oss-security/2012/04/26/1
---
rubygem-mail-2.4.4-1.fc15, rubygem-actionmailer-3.0.5-3.fc15 has bee
References
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080645.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080648.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080747.html
http://secunia.com/advisories/48970
http://www.openwall.com/lists/oss-security/2012/04/25/8
http://www.openwall.com/lists/oss-security/2012/04/26/1
https://bugzilla.novell.com/show_bug.cgi?id=759092
https://bugzilla.redhat.com/show_bug.cgi?id=816352
https://github.com/mikel/mail/blob/9beb079c70d236a5ad2e1ba95b2c977e55deb7af/CHANGELOG.rdoc
https://github.com/mikel/mail/commit/39b590ddb08f90ddbe445837359a2c8843e533d0
https://github.com/mikel/mail/commit/ac56f03bdfc30b379aeecd4ff317d08fdaa328c2