FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

a2ps -- format string vulnerability

Affected packages
		a2ps	<	4.13b_8

Details

VuXML ID	e359051d-90bd-11e5-bd18-002590263bf5
Discovery	2015-11-16
Entry	2015-11-22

Jong-Gwon Kim reports:

When user runs a2ps with malicious crafted pro(a2ps prologue) file, an attacker can execute arbitrary code.

[source]

References

CVE Name	CVE-2015-8107
URL	http://www.openwall.com/lists/oss-security/2015/11/16/4

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.