CVE-2004-1185 : Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or loc

Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.

Published 2005-01-21 05:00:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2004-1185

GNU » Enscript » Version: 1.6.3
cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*
Matching versions
GNU » Enscript » Version: 1.6.1
cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*
Matching versions
GNU » Enscript » Version: 1.6.2
cpe:2.3:a:gnu:enscript:1.6.2:*:*:*:*:*:*:*
Matching versions
GNU » Enscript » Version: 1.6.0
cpe:2.3:a:gnu:enscript:1.6.0:*:*:*:*:*:*:*
Matching versions
GNU » Enscript » Version: 1.4.0
cpe:2.3:a:gnu:enscript:1.4.0:*:*:*:*:*:*:*
Matching versions
GNU » Enscript » Version: 1.5.0
cpe:2.3:a:gnu:enscript:1.5.0:*:*:*:*:*:*:*
Matching versions
GNU » Enscript » Version: 1.3.0
cpe:2.3:a:gnu:enscript:1.3.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2004-1185

EPSS FAQ

7.39%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 91 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2004-1185

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

Vendor statements for CVE-2004-1185

Red Hat 2007-03-14

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References for CVE-2004-1185

http://secunia.com/advisories/35074

About Secunia Research | Flexera

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10808

404 Not Found
https://usn.ubuntu.com/68-1/

404: Page not found | Ubuntu

CVEs referencing this url
http://www.vupen.com/english/advisories/2009/1297

Webmail: access your OVH emails on ovhcloud.com | OVHcloud

CVEs referencing this url
http://securitytracker.com/id?1012965

GoDaddy Domain Name Search

CVEs referencing this url
http://www.debian.org/security/2005/dsa-654

[SECURITY] [DSA 654-1] New enscript packages fix several vulnerabilities
Patch;Vendor Advisory

CVEs referencing this url
http://www.redhat.com/support/errata/RHSA-2005-040.html

Support

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

CVEs referencing this url
http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml

enscript: Multiple vulnerabilities (GLSA 200502-03) — Gentoo security
Patch

CVEs referencing this url
http://www.securityfocus.com/archive/1/435199/100/0/threaded

CVEs referencing this url
http://www.securityfocus.com/archive/1/419768/100/0/threaded

CVEs referencing this url
http://support.apple.com/kb/HT3549

About the security content of Security Update 2009-002 / Mac OS X v10.5.7 - Apple Support

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2005:033

Mandriva

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/19029

enscript file name command execution CVE-2004-1185 Vulnerability Report
http://www.securityfocus.com/bid/12329

CVEs referencing this url
http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Apple Updates for Multiple Vulnerabilities | CISA
US Government Resource

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2004-1185

Products affected by CVE-2004-1185

Exploit prediction scoring system (EPSS) score for CVE-2004-1185

CVSS scores for CVE-2004-1185

Vendor statements for CVE-2004-1185

References for CVE-2004-1185