[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE requests: code injection in rubygem espeak-ruby and code injection in rubygem fes
From: Max Veytsman <max () appcanary ! com>
Date: 2017-01-31 16:59:11
Message-ID: CAGW7fdsN9uyoMX7YtLn1=9k+LtYN12cQOnRpvz6DEMbatiR=Gw () mail ! gmail ! com
[Download RAW message or body]
Two similar vulnerabilities in ruby text-to-speech libraries.
1) espeak-ruby
Rubygem espeak-ruby passes user modifiable strings directly to a shell
command.
An attacker can execute malicious commands by modifying the strings that
are passed as arguments to the speak, save, bytes and bytes_wav methods in
the lib/espeak/speech.rb.
https://github.com/dejan/espeak-ruby/issues/7
Patched in 1.0.3
https://github.com/spejman/festivaltts4r/issues/1
2) festivaltts4r
Rubygem festivaltts4r passes user modifiable strings directly to a shell
command.
An attacker can execute malicious commands by modifying the strings that
are passed as arguments to the to_speech and and to_mp3 methods in
lib/festivaltts4r/festival4r.rb.
https://github.com/spejman/festivaltts4r/issues/1
No patch
Credit: Brendan Coles
--
Max Veytsman
Co-founder appcanary.com
@mveytsman <https://twitter.com/mveytsman>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic