Vulnerabilities > CVE-2001-0956 - Unspecified vulnerability in Speechio Speechd

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

speechio

exploit available

NVD

Published: 2001-09-11

Updated: 2017-12-19

Summary

speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters.

Vulnerable Configurations

Part	Description	Count
Application	Speechio Speechio Speechd *	1

Exploit-Db

description	SpeechD 0.1/0.2 Privileged Command Execution Vulnerability. CVE-2001-0956. Local exploit for unix platform
id	EDB-ID:21108
last seen	2016-02-02
modified	2001-09-11
published	2001-09-11
reporter	Tyler Spivey
source	https://www.exploit-db.com/download/21108/
title	SpeechD 0.1/0.2 - Privileged Command Execution Vulnerability

References

http://archives.neohapsis.com/archives/bugtraq/2001-09/0089.html
http://www.securityfocus.com/bid/3326
http://www.speechio.org/speechd.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/7121