CVE-2024-29510
6.3MEDIUMArtifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.
Publicado: 7/3/2024Actualizado: 4/28/2025
Descripción
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.
Análisis IAImpulsado por IA
Productos Afectados
artifexghostscript
Referencias
- https://bugs.ghostscript.com/show_bug.cgi?id=707662Issue Tracking
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/ExploitThird Party Advisory
- https://www.openwall.com/lists/oss-security/2024/07/03/7Mailing List
- https://bugs.ghostscript.com/show_bug.cgi?id=707662Issue Tracking
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/ExploitThird Party Advisory
- https://www.openwall.com/lists/oss-security/2024/07/03/7Mailing List
- https://www.vicarius.io/vsociety/posts/critical-vulnerability-in-ghostscript-cve-2024-29510ExploitThird Party Advisory