CVE-2004-1185

Currently unrated

Key Information:

Vendor: Gnu
Status: Enscript
Vendor: CVE Published:; 21 January 2005

Summary

Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.

References

http://www.securityfocus.com/archive/1/419768/100/0/threaded

vendor-advisoryx_refsource_FEDORA

http://www.securityfocus.com/bid/12329

vdb-entryx_refsource_BID

http://support.apple.com/kb/HT3549

x_refsource_CONFIRM

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 21, 2005
Vulnerability Reserved
Dec 13, 2004

.