31 matches found
DEBIAN-CVE-2008-3863
Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename...
CVE-2008-3863
Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename...
Stack overflow
Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename...
CVE-2008-3863
Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename...
CVE-2008-3863
GNU Enscript 1.6.1 and 1.6.4 beta are affected by CVE-2008-3863 due to a stack-based buffer overflow in read_special_escape (src/psgen.c) when -e escapes processing is enabled. A crafted ASCII file can trigger arbitrary code execution via the setfilename path, allowing a remote attacker (with use...
CVE-2008-3863
Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename...
GNU Enscript src/psgen.c栈溢出漏洞
BUGTRAQ ID: 31858 CVECAN ID: CVE-2008-3863 GNU enscript是用于替换Adobe enscript程序的脚本。Enscript可将ASCII文件转换为PostScript并将生成的PostScript输出提供给指定的打印机。 GNU enscript src/psgen.c文件中的readspecialescape函数存在栈溢出漏洞。如果用户通过-e选项启用了特殊转义处理的话,在转换恶意文件时就可能触发这个溢出,导致执行任意指令。 GNU Enscript 1.6.4 beta GNU Enscript 1.6.1 GNU ---...
enscript -- arbitrary code execution vulnerability
Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the readspecialescape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e aka special escapes processing option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafte...
CVE-2002-0044
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files...
CVE-2002-0044
CVE-2002-0044 affects GNU Enscript up to version 1.6.1. The vulnerability arises from insecure handling of temporary files (symlink-based attack), enabling local users to overwrite arbitrary files owned by the Enscript user. Public references in Debian DSA-105-1, Mandrake MDKSA-2002:010, and (old...
CVE-2002-0044
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files...