Main Vulnerability Database Exploits ID:10235 - Exploit for Format string error in Ghostscript - CVE-2024-29510

ID:10235 - Exploit for Format string error in Ghostscript - CVE-2024-29510

Published: July 19, 2024

Vulnerability identifier: #VU92282

Vulnerability risk: High

CVE-ID: CVE-2024-29510

CWE-ID: CWE-134

Exploitation vector: Remote access

Vulnerable software:
Ghostscript

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/multi/fileformat/ghostscript_format_string_cve_2024_29510

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a format string error. A remote attacker can supply a specially crafted input that contains format string specifiers and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

ID:10235 - Exploit for Format string error in Ghostscript - CVE-2024-29510

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human