CVE-2013-4389 vulnerability in Ruby on Rails and Other Products
Published on October 17, 2013

Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of service via a crafted e-mail address that is improperly handled during construction of a log message.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2013-4389

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2013-4389 are published in these products:

Ruby on Rails Rails

OpenSuse

Debian Linux

Exploit Probability

EPSS

1.33%

Percentile

79.71%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2013-4389 vulnerability in Ruby on Rails and Other ProductsPublished on October 17, 2013

Products Associated with CVE-2013-4389

Exploit Probability

CVE-2013-4389 vulnerability in Ruby on Rails and Other Products
Published on October 17, 2013