CVE-2004-1185

CVE-2004-1185 concerns the Unix filter program enscript with insufficient sanitization of filenames, enabling an attacker to execute arbitrary commands through crafted filenames. The initial description states that Enscript 1.6.3 can be exploited via unsanitised filenames to run arbitrary command...

CVE-2008-3863

GNU Enscript 1.6.1 and 1.6.4 beta are affected by CVE-2008-3863 due to a stack-based buffer overflow in read_special_escape (src/psgen.c) when -e escapes processing is enabled. A crafted ASCII file can trigger arbitrary code execution via the setfilename path, allowing a remote attacker (with use...

CVE-2004-1186

CVE-2004-1186 is tied to enscript 1.6.3 and is described in connected sources as involving multiple buffer overflows that can crash the program, enabling a DoS scenario. The related OpenVAS/Nessus entries show patches released for enscript (e.g., SLES9 security update for enscript) and list CVE-2...

CVE-2004-1184

CVE-2004-1184 affects enscript (notably version 1.6.3) where EPSF pipe support accepts shell metacharacters, enabling arbitrary command execution by remote attackers or local users. Technical details across OpenVAS/Nessus entries confirm the vulnerability and its association with enscript; remedi...

CVE-2002-0044

CVE-2002-0044 affects GNU Enscript up to version 1.6.1. The vulnerability arises from insecure handling of temporary files (symlink-based attack), enabling local users to overwrite arbitrary files owned by the Enscript user. Public references in Debian DSA-105-1, Mandrake MDKSA-2002:010, and (old...