← back
CVE-2008-3863

CVE-2008-3863

EPSS 8.4%
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.htmlhttp://rhn.redhat.com/errata/RHSA-2008-1021.htmlhttp://secunia.com/advisories/32137http://secunia.com/advisories/32521http://secunia.com/advisories/32530http://secunia.com/advisories/32753http://secunia.com/advisories/32854http://secunia.com/advisories/32970http://secunia.com/advisories/33109http://secunia.com/advisories/35074http://secunia.com/secunia_research/2008-41/