Vulnerability CVE-2024-29510


Published: 2024-07-03

Description:
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.

See advisories in our WLB2 database:
Topic
Author
Date
High
Ghostscript Command Execution / Format String
Thomas Rinsma
22.07.2024

 References:
https://bugs.ghostscript.com/show_bug.cgi?id=707662
https://www.openwall.com/lists/oss-security/2024/07/03/7
https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/

Copyright 2024, cxsecurity.com

 

Back to Top