CVE-2024-29510
6.3MEDIUMArtifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.
Опубликовано: 7/3/2024Обновлено: 4/28/2025
Описание
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.
ИИ-АнализНа базе ИИ
Затронутые продукты
artifexghostscript
Ссылки
- https://bugs.ghostscript.com/show_bug.cgi?id=707662Issue Tracking
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/ExploitThird Party Advisory
- https://www.openwall.com/lists/oss-security/2024/07/03/7Mailing List
- https://bugs.ghostscript.com/show_bug.cgi?id=707662Issue Tracking
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/ExploitThird Party Advisory
- https://www.openwall.com/lists/oss-security/2024/07/03/7Mailing List
- https://www.vicarius.io/vsociety/posts/critical-vulnerability-in-ghostscript-cve-2024-29510ExploitThird Party Advisory