Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:gnu:enscript:1.6.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2 matching records.
Displaying matches 1 through 2.
Vuln ID Summary CVSS Severity

Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.

Published: January 21, 2005; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH

GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.

Published: January 31, 2002; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 3.6 LOW