The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes, or bytes_wav method in lib/espeak/speech.rb.
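The class of bug described above, as an added example (not code from espeak-ruby or from its fix): a command assembled by string interpolation is parsed by the shell, while an argv array or an escaped argument is not. `echo` stands in for the espeak binary, and the function names and the sample input are constructed for illustration.

```ruby
# Added illustration; not code from espeak-ruby.
require "open3"
require "shellwords"

# Assumption: `echo` stands in for the synthesizer binary so the example
# runs without espeak installed.
TTS_BIN = "echo"

# Constructed sample input containing a shell metacharacter.
SAMPLE_TEXT = "hi; echo INJECTED"

# Vulnerable pattern: the text is interpolated into a single command string.
# Ruby passes that string to /bin/sh, which interprets the metacharacters.
def render_unsafe(text)
  IO.popen("#{TTS_BIN} #{text}", &:read)
end

# Hardened pattern: program and arguments are passed as separate values, so
# no shell is involved and the text arrives as one literal argument.
# Caveat: text beginning with "-" can still be read as an option by the
# target program; that is a separate problem from shell injection.
def render_safe(text)
  out, status = Open3.capture2(TTS_BIN, text)
  raise "#{TTS_BIN} failed" unless status.success?
  out
end

# Fallback when a shell string cannot be avoided: escape the argument.
def render_escaped(text)
  IO.popen("#{TTS_BIN} #{Shellwords.escape(text)}", &:read)
end

if __FILE__ == $PROGRAM_NAME
  puts "unsafe:  #{render_unsafe(SAMPLE_TEXT).inspect}"
  puts "safe:    #{render_safe(SAMPLE_TEXT).inspect}"
  puts "escaped: #{render_escaped(SAMPLE_TEXT).inspect}"
end
```

In the unsafe variant the shell runs a second command, which shows up as an extra output line; in the other two the whole string comes back unchanged.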
www.openwall.com/lists/oss-security/2017/01/31/14
www.openwall.com/lists/oss-security/2017/02/02/5
github.com/dejan/espeak-ruby
github.com/dejan/espeak-ruby/commit/5251744b13bdd9fb0c72c612226e72d330bac143
github.com/dejan/espeak-ruby/issues/7
github.com/rubysec/ruby-advisory-db/blob/master/gems/espeak-ruby/CVE-2016-10193.yml
nvd.nist.gov/vuln/detail/CVE-2016-10193