GNU » A2ps : Security Vulnerabilities, CVEs, CVSS score >= 1

CVE-2015-8107

Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.63%
Published
2017-04-13
Updated
2017-04-19

CVE-2014-0466

The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file.
Max CVSS
6.8
EPSS Score
0.43%
Published
2014-04-03
Updated
2017-12-16

CVE-2004-1377

The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-12-27
Updated
2017-07-11

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
Max CVSS
10.0
EPSS Score
3.41%
Published
2005-01-10
Updated
2018-10-19

CVE-2001-1593

The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-04-05
Updated
2014-05-01
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close