Vulnerabilities > GNU > Enscript

DATE CVE VULNERABILITY TITLE RISK
2008-10-23 CVE-2008-3863 Buffer Errors vulnerability in GNU Enscript 1.6.1/1.6.4
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
network
high complexity
gnu CWE-119
7.6
2005-01-21 CVE-2004-1185 Multiple vulnerability in GNU Enscript
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
network
low complexity
gnu
7.5
2005-01-21 CVE-2004-1184 Multiple vulnerability in GNU Enscript
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
local
low complexity
gnu sgi redhat suse
4.6
2004-12-31 CVE-2004-1186 Multiple vulnerability in GNU Enscript 1.6.3
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
network
low complexity
gnu
5.0
2002-01-31 CVE-2002-0044 GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
local
low complexity
gnu debian redhat
3.6