CVE-2016-10194

2017-03-03T15:59:00
ID CVE-2016-10194
Type cve
Reporter cve@mitre.org
Modified 2017-03-09T18:56:00

Description

The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb.