QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2008-3863

Back to search

CVE-2008-3863

Published: Oct 23, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.

VendorProductVersions

n/a

n/a

affected
n/a

References

ADV-2008-2891
vdb-entry
x_refsource_VUPEN
32137
third-party-advisory
x_refsource_SECUNIA
31858
vdb-entry
x_refsource_BID
32521
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2008:024
vendor-advisory
x_refsource_SUSE
FEDORA-2008-9372
vendor-advisory
x_refsource_FEDORA
oval:org.mitre.oval:def:9939
vdb-entry
signature
x_refsource_OVAL
FEDORA-2008-9351
vendor-advisory
x_refsource_FEDORA
RHSA-2008:1016
vendor-advisory
x_refsource_REDHAT
USN-660-1
vendor-advisory
x_refsource_UBUNTU
35074
third-party-advisory
x_refsource_SECUNIA
4488
third-party-advisory
x_refsource_SREASON
APPLE-SA-2009-05-12
vendor-advisory
x_refsource_APPLE
GLSA-200812-02
vendor-advisory
x_refsource_GENTOO
20081117 rPSA-2008-0321-1 enscript
mailing-list
x_refsource_BUGTRAQ
32854
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:243
vendor-advisory
x_refsource_MANDRIVA
32970
third-party-advisory
x_refsource_SECUNIA
32530
third-party-advisory
x_refsource_SECUNIA
DSA-1670
vendor-advisory
x_refsource_DEBIAN
TA09-133A
third-party-advisory
x_refsource_CERT
ADV-2009-1297
vdb-entry
x_refsource_VUPEN
32753
third-party-advisory
x_refsource_SECUNIA
33109
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:1021
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now