Arbitrary File Reading Vulnerability in Ghostscript Before 10.03.1

CVE-2024-29511

Currently unrated 🤨

Key Information

Vendor
Artifex
Vendor
CVE Published:
3 July 2024

Badges

📰 News Worthy

Summary

The vulnerability CVE-2024-29511 is found in Artifex's Ghostscript before version 10.03.1, affecting UNIX and Windows operating systems, as well as certain products such as Red Hat Enterprise Linux and Open Source Ghostscript. It allows for arbitrary file reading and writing through the use of OCR, posing a medium level of risk with a CVSS base score of 5.4. Hackers can exploit this vulnerability to manipulate files, execute code, and launch denial of service attacks. To address this, users are advised to keep their applications updated and to apply any security patches provided by the vendors. There are no known ransomware attacks exploiting this vulnerability at the moment.

News Articles

IT-Sicherheit: UNIX und Windows bedroht - Update für IT-Sicherheitswarnung zu Ghostscript (Risiko: mittel)

Für Ghostscript wurde ein Update zur IT-Sicherheitswarnung einer bekannten Schwachstelle veröffentlicht. Eine Beschreibung der Sicherheitslücken inklusive der neuesten Updates sowie Infos zu den betroffenen Betriebssystemen UNIX und Windows und Produkten lesen Sie hier.

5 months ago

Refferences

Timeline

  • First article discovered by News.de

  • Vulnerability published

Collectors

NVD DatabaseMitre Database1 News Article(s)
.