CVE-2024-29510 PoC — Artifex Ghostscript 安全漏洞

Source

https://github.com/swsmith2391/CVE-2024-29510

Associated Vulnerability

Title:Artifex Ghostscript 安全漏洞 (CVE-2024-29510)
Description:Artifex Ghostscript是美国Artifex公司的一套建基于 Adobe、PostScript 及可移植文档格式的页面描述语言等而编译成的自由软件。 Artifex Ghostscript 10.03.1 版本之前存在安全漏洞，该漏洞源于允许内存损坏和SAFER沙盒旁路，通过格式字符串注入与unprint设备。

Description

POC code for CVE-2024-29510 and demo VulnApp

File Snapshot


 [4.0K]  /data/pocs/633d02a364af372fe1740d619d8e9e071f2195f5
├── [7.6K]  document.eps
├── [ 131]  index.html
├── [1.6K]  README
├── [ 283]  run
├── [ 947]  test.ps
└── [4.0K]  vulnapp
    ├── [ 995]  app.py
    ├── [7.7K]  bad.eps
    ├── [ 824]  Dockerfile
    ├── [ 101]  good.ps
    ├── [ 118]  shell.html
    └── [4.0K]  templates
        └── [ 495]  index.html

2 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!