CVE-2008-5078

Name of the Vulnerable Software and Affected Versions enscript versions 1.6.1 and earlier enscript version 1.6.4

Description The issue involves multiple buffer overflows in the recognize eps file function and tilde subst function, potentially allowing remote attackers to execute arbitrary code via an epsf escape sequence with a long filename. This could lead to a breach of confidentiality, integrity, and availability of protected information. The exploitation of these vulnerabilities can be carried out remotely.

Recommendations For enscript version 1.6.4, update to a version that fixes the buffer overflows in the recognize eps file function and tilde subst function. For enscript versions 1.6.1 and earlier, update to a version that fixes the buffer overflows in the recognize eps file function and tilde subst function. As a temporary workaround, consider restricting access to the recognize eps file and tilde subst functions until a patch is available.