Back to directory

WRITEUP #218

CVE-2024-29510 – Exploiting Ghostscript using format strings

RCEFormat string vulnerabilityMemory corruption

by@thomasrinsma(Thomas Rinsma)

Program

Ghostscript

Published

Jul 2, 2024

Added to HackDex

Jul 8, 2024

Read Full Writeuphttps://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation/

▸ RELATED WRITEUPS

4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways

RCEBuffer Overflow

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat