'[oss-security] CVE requests: code injection in rubygem espeak-ruby and code injection in rubygem fes'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] CVE requests: code injection in rubygem espeak-ruby and code injection in rubygem fes
From:       Max Veytsman <max () appcanary ! com>
Date:       2017-01-31 16:59:11
Message-ID: CAGW7fdsN9uyoMX7YtLn1=9k+LtYN12cQOnRpvz6DEMbatiR=Gw () mail ! gmail ! com
[Download RAW message or body]

Two similar vulnerabilities in ruby text-to-speech libraries.

1) espeak-ruby

Rubygem espeak-ruby passes user modifiable strings directly to a shell
command.

An attacker can execute malicious commands by modifying the strings that
are passed as arguments to the speak, save, bytes and bytes_wav methods in
the lib/espeak/speech.rb.

https://github.com/dejan/espeak-ruby/issues/7

Patched in 1.0.3
https://github.com/spejman/festivaltts4r/issues/1

2) festivaltts4r

Rubygem festivaltts4r passes user modifiable strings directly to a shell
command.

An attacker can execute malicious commands by modifying the strings that
are passed as arguments to the to_speech and and to_mp3 methods in
lib/festivaltts4r/festival4r.rb.

https://github.com/spejman/festivaltts4r/issues/1

No patch
Credit: Brendan Coles

--
Max Veytsman
Co-founder appcanary.com
@mveytsman <https://twitter.com/mveytsman>

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic