CVE-2008-3863
published 2008-10-23CVE-2008-3863: Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes…
high7.6CVSS 3.1
AVNACHAuNCCICAC
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | enscript | < enscript 1.6.4-13 (bookworm) | enscript 1.6.4-13 (bookworm) |
| gnu | enscript | — | — |
| gnu | enscript | — | — |
| gnu | enscript | >= 0 < 1.6.4-13 | 1.6.4-13 |
| gnu | enscript | >= 0 < 1.6.4-13 | 1.6.4-13 |
| gnu | enscript | >= 0 < 1.6.4-13 | 1.6.4-13 |
| gnu | enscript | >= 0 < 1.6.4-13 | 1.6.4-13 |
CVSS provenance
nvd7.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
osv7.6HIGH