SpeechD Privileged Command Execution Vulnerability

Find the following line in speechd:
system("$cmd \'$text\'");

and insert the following line directly before it:
$text =~ s/'//g;

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.


Privacy Statement
Copyright 2010, SecurityFocus