Vulnerabilities > CVE-2024-29510
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.
Related news
References
- https://bugs.ghostscript.com/show_bug.cgi?id=707662
- https://bugs.ghostscript.com/show_bug.cgi?id=707662
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/
- https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/
- https://www.openwall.com/lists/oss-security/2024/07/03/7
- https://www.openwall.com/lists/oss-security/2024/07/03/7
- https://www.vicarius.io/vsociety/posts/critical-vulnerability-in-ghostscript-cve-2024-29510