What is the severity of CVE-2008-5078?

CVE-2008-5078 is classified as a high severity vulnerability due to its potential for remote code execution.

How do I fix CVE-2008-5078?

To fix CVE-2008-5078, update to enscript version 0:1.6.1-33.el4_7.1 or later.

What causes CVE-2008-5078?

CVE-2008-5078 is caused by multiple buffer overflows in specific functions of GNU enscript when handling EPS files.

Who is affected by CVE-2008-5078?

Users and systems running GNU enscript version 1.6.1 and possibly earlier versions are affected by CVE-2008-5078.

Can CVE-2008-5078 be exploited remotely?

Yes, CVE-2008-5078 can be exploited remotely by attackers sending crafted EPS filenames.

Vulnerability/
CVE-2008-5078

medium

6.8

CWE

119

1/12/2008

15/12/2008

19/12/2008

7/8/2024

CVE-2008-5078: Buffer Overflow

First published: Mon Dec 01 2008(Updated: )

Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Gnu Escript	=1.6.1
redhat/enscript	<0:1.6.1-33.el4_7.1	0:1.6.1-33.el4_7.1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

RHSA-2008:1021

Frequently Asked Questions

What is the severity of CVE-2008-5078?
CVE-2008-5078 is classified as a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2008-5078?
To fix CVE-2008-5078, update to enscript version 0:1.6.1-33.el4_7.1 or later.
What causes CVE-2008-5078?
CVE-2008-5078 is caused by multiple buffer overflows in specific functions of GNU enscript when handling EPS files.
Who is affected by CVE-2008-5078?
Users and systems running GNU enscript version 1.6.1 and possibly earlier versions are affected by CVE-2008-5078.
Can CVE-2008-5078 be exploited remotely?
Yes, CVE-2008-5078 can be exploited remotely by attackers sending crafted EPS filenames.

collector/nvd-historical
collector/nvd-index
agent/type
agent/softwarecombine
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2008-5078
agent/references
agent/author
agent/weakness
agent/severity
agent/description
collector/redhat-cve
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/tags
agent/source
vendor/gnu
canonical/gnu escript
version/gnu escript/1.6.1
package-manager/redhat

Frequently Asked Questions

What is the severity of CVE-2008-5078?
CVE-2008-5078 is classified as a high severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2008-5078?
To fix CVE-2008-5078, update to enscript version 0:1.6.1-33.el4_7.1 or later.
What causes CVE-2008-5078?
CVE-2008-5078 is caused by multiple buffer overflows in specific functions of GNU enscript when handling EPS files.
Who is affected by CVE-2008-5078?
Users and systems running GNU enscript version 1.6.1 and possibly earlier versions are affected by CVE-2008-5078.
Can CVE-2008-5078 be exploited remotely?
Yes, CVE-2008-5078 can be exploited remotely by attackers sending crafted EPS filenames.

CVE-2008-5078: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2008-5078?

How do I fix CVE-2008-5078?

What causes CVE-2008-5078?

Who is affected by CVE-2008-5078?

Can CVE-2008-5078 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2008-5078?

How do I fix CVE-2008-5078?

What causes CVE-2008-5078?

Who is affected by CVE-2008-5078?

Can CVE-2008-5078 be exploited remotely?