Lucene search

RubySecRUBY:FESTIVALTTS4R-2016-10194

HistoryApr 22, 2016 - 9:00 p.m.

festivaltts4r Gem for Ruby Arbitrary Command Execution

2016-04-2221:00:00

RubySec

github.com

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

73.8%

JSON

festivaltts4r passes user modifiable strings directly to a shell
command. An attacker can execute malicious commands by modifying
the strings that are passed as arguments to the to_speech and
and to_mp3 methods in lib/festivaltts4r/festival4r.rb library.

References

github.com/spejman/festivaltts4r/issues/1

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

73.8%

JSON

Related for RUBY:FESTIVALTTS4R-2016-10194