RSS   Vulnerabilities for 'Enscript'   RSS

2008-10-23
 
CVE-2008-3863

CWE-119
 
 
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.

 
2004-12-31
 
CVE-2004-1186

CWE-Other
 
 
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).

 
2005-01-21
 
CVE-2004-1185

CWE-Other
 
 
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.

 
 
CVE-2004-1184

CWE-Other
 
 
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

 
2002-01-31
 
CVE-2002-0044

 
 
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.

 

 >>> Vendor: GNU 108 Products
INET
LIBC
Fingerd
WGET
BASH
Finger service
Gnumeric
MAKE
Emacs
Glibc
Mailman
Userv
Groff
Cfengine
Privacy guard
ED
G++
GCC
Findutils
GZIP
TAR
Radius
Enscript
ZLIB
Sharutils
Chess
Fileutils
Screen
Data display debugger
Zebra
LSH
Libtool
Anubis
FLIM
Aspell
Queue
Ksymoops
Gnats
Gettext
Mailutils
A2PS
Realtime linux security module
LESS
Gnubiff
Gnutls
Xemacs
Coreutils
CPIO
GDB
Phpbook
Texinfo
Gnump3d
Binutils
GV
Libtool-ltdl
Gpgme
Gnumail
Iceweasel
Flash player
GIMP
Tramp
Libcdio
M4
SCCS
Grub legacy
ADNS
Ibackup
Escript
Classpath
Gnu screen
Automake
Grub 2
NANO
Gnash
Gnu patch
Eglibc
Libtasn1
Libiberty
GREP
Libmicrohttpd
RUSH
GRUB
Readline
Patch
Parallel
Grub2
Libidn
Guile
OSIP
Gnutls libtasn1
Libssp
Ncurses
PSPP
CVS
Libextractor
Global
Guixsd
Recutils
Libredwg
Cflow
See all Products for Vendor GNU

Copyright 2024, cxsecurity.com

 

Back to Top