CVE-2008-5078 – enscript: "epsf" special escape buffer overflows

https://notcve.org/view.php?id=CVE-2008-5078

19 Dec 2008 — Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename. Múltiples desbordamientos de búfer en las funciones (1) recognize_eps_file (src/psgen.c) y (2) tilde_subst (src/util.c) en GNU enscript vesión 1.6.1, y posiblemente anteriores, podría permitir a atacantes remotos ejecutar código arbitrario a... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •