FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-01 20:12:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a1126054-b57c-11dd-8892-0017319806e7	enscript -- arbitrary code execution vulnerability Ulf Harnhammar of Secunia Research reports: Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command. Discovery 2008-10-22 Entry 2008-11-18 enscript-a4 enscript-letter enscript-letterdj < 1.6.4_2 CVE-2008-3863 CVE-2008-4306 http://secunia.com/secunia_research/2008-41/

VuXML ID

Description

a1126054-b57c-11dd-8892-0017319806e7

enscript -- arbitrary code execution vulnerability

Ulf Harnhammar of Secunia Research reports:

Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.

Discovery 2008-10-22
Entry 2008-11-18
enscript-a4
enscript-letter
enscript-letterdj

< 1.6.4_2

CVE-2008-3863
CVE-2008-4306
http://secunia.com/secunia_research/2008-41/