VYPR

Enscript

by GNU

CVEs (6)

  • CVE-2008-3863Oct 23, 2008
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related…

  • CVE-2008-5078Dec 19, 2008
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename.

  • CVE-2004-1184Jan 21, 2005
    risk 0.00cvss epss 0.01

    The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

  • CVE-2004-1185Jan 21, 2005
    risk 0.00cvss epss 0.04

    Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.

  • CVE-2004-1186Dec 31, 2004
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).

  • CVE-2002-0044Jan 31, 2002
    risk 0.00cvss epss 0.00

    GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.