CVE-2016-10194
Published 2017-03-03
Priority: P2 60 · Severity: critical 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.56% (83.1st percentile)
The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | >= 0 < 9.10~dfsg-0ubuntu10.12 | 9.10~dfsg-0ubuntu10.12 |
| artifex | ghostscript | >= 0 < 9.18~dfsg~0-0ubuntu2.8 | 9.18~dfsg~0-0ubuntu2.8 |
| artifex | ghostscript | >= 0 < 9.22~dfsg+1-0ubuntu1.1 | 9.22~dfsg+1-0ubuntu1.1 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | | 7.8 | HIGH | |
OSV: ghostscript vulnerabilities (osv · 2018-04-30 · CVSS 7.8)
CVE-2016-10317 ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly handled certain PostScript files. An attacker could possibly use this to cause a denial of service. (CVE-2016-10317)
It was discovered that Ghostscript incorrectly handled certain PDF files. An attacker could possibly use this to cause a denial of service. (CVE-2018-10194)
GHSA: festivaltts4r allows arbitrary command execution (ghsa · 2017-10-24)
CVE-2016-10194 [CRITICAL] CWE-77
The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) `to_speech` or (2) `to_mp3` method in `lib/festivaltts4r/festival4r.rb`.
OSV: festivaltts4r allows arbitrary command execution (osv · 2017-10-24)
CVE-2016-10194 [CRITICAL]
The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) `to_speech` or (2) `to_mp3` method in `lib/festivaltts4r/festival4r.rb`.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://www.openwall.com/lists/oss-security/2017/01/31/14
http://www.openwall.com/lists/oss-security/2017/02/02/5
https://github.com/spejman/festivaltts4r/issues/1