Описание
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-1185
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19029
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808
- https://usn.ubuntu.com/68-1
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- http://secunia.com/advisories/35074
- http://securitytracker.com/id?1012965
- http://support.apple.com/kb/HT3549
- http://www.debian.org/security/2005/dsa-654
- http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:033
- http://www.redhat.com/support/errata/RHSA-2005-040.html
- http://www.securityfocus.com/archive/1/419768/100/0/threaded
- http://www.securityfocus.com/archive/1/435199/100/0/threaded
- http://www.securityfocus.com/bid/12329
- http://www.us-cert.gov/cas/techalerts/TA09-133A.html
- http://www.vupen.com/english/advisories/2009/1297
EPSS
CVE ID
Связанные уязвимости
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Enscript 1.6.3 does not sanitize filenames, which allows remote attack ...
EPSS