Candidate: CVE-2008-3863
PublicDate: 2008-10-23 22:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863
 https://ubuntu.com/security/notices/USN-660-1
Description:
 Stack-based buffer overflow in the read_special_escape function in
 src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special
 escapes processing) option is enabled, allows user-assisted remote
 attackers to execute arbitrary code via a crafted ASCII file, related to
 the setfilename command.
Ubuntu-Description:
Notes:
 kees> user-assisted
Bugs:
Priority: low
Discovered-by: Ulf Harnhammar
Assigned-to: kees
CVSS: 

Patches_enscript:
upstream_enscript: released (1.6.4-13)
dapper_enscript: released (1.6.4-7ubuntu0.2)
gutsy_enscript: released (1.6.4-11ubuntu0.2)
hardy_enscript: released (1.6.4-12ubuntu0.8.04.1)
intrepid_enscript: released (1.6.4-12ubuntu0.8.10.1)
devel_enscript: not-affected