Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Enscript
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3863 1 Gnu 1 Enscript 2024-11-21 7.6 HIGH N/A
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
CVE-2004-1186 1 Gnu 1 Enscript 2024-11-20 5.0 MEDIUM N/A
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
CVE-2004-1185 1 Gnu 1 Enscript 2024-11-20 7.5 HIGH N/A
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
CVE-2004-1184 4 Gnu, Redhat, Sgi and 1 more 4 Enscript, Fedora Core, Propack and 1 more 2024-11-20 4.6 MEDIUM N/A
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
CVE-2002-0044 3 Debian, Gnu, Redhat 3 Debian Linux, Enscript, Linux 2024-11-20 3.6 LOW N/A
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.