Festival Insecure Command Local Privilege Escalation and Remote Code Execution Vulnerability

Festival Insecure Command Local Privilege Escalation and Remote Code Execution Vulnerability

References:

Analysis of Debian's CVE-2007-4074 response (Tim Brown)
app-accessibility/festival: privilege elevation with current default setup (Gentoo)
Bug #130348 in festival (Ubuntu) (Ubuntu)
Debian Bug report logs - #466146 (Debian)
Vendor Homepage (The Center for Speech Technology Research)
Medium security hole affecting Festival on Debian unstable/testing and Ubuntu Ha (Tim Brown )

Privacy Statement
Copyright 2010, SecurityFocus