CVE-2023-36664
Key Information
- Vendor
- Artifex
- Status
- Ghostscript
- Vendor
- CVE Published:
- 25 June 2023
Badges
Summary
Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Bust this Ghostscript bug or risk a big breach, say experts
Infosec circles are awash with chatter about a vulnerability in Ghostscript some experts believe could be the cause of several major breaches in the coming months. Ghostscript is a Postscript and Adobe PDF...
4 months ago
Bust this Ghostscript bug or risk a big breach, say experts
Infosec circles are awash with chatter about a vulnerability in Ghostscript some experts believe could be the cause of several major breaches in the coming months. Ghostscript is a Postscript and Adobe PDF...
4 months ago
CVSS V3.1
Timeline
First article discovered by null
- 👾
Exploit exists.
Vulnerability published.
Vulnerability Reserved.