Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-33871

Опубликовано: 03 июл. 2024
Источник: nvd
CVSS3: 8.8
EPSS Низкий

Описание

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*
Версия до 10.03.1 (исключая)

EPSS

Процентиль: 69%
0.00635
Низкий

8.8 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

ubuntu логотип

CVE-2024-33871

CVSS3: 8.8
ubuntu
12 месяцев назад

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded.

redhat логотип

CVE-2024-33871

CVSS3: 8.8
redhat
около 1 года назад

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded.

debian логотип

CVE-2024-33871

CVSS3: 8.8
debian
12 месяцев назад

An issue was discovered in Artifex Ghostscript before 10.03.1. contrib ...

suse-cvrf логотип

SUSE-SU-2024:2199-1

suse-cvrf
12 месяцев назад

Security update for ghostscript

suse-cvrf логотип

SUSE-SU-2024:2198-1

suse-cvrf
12 месяцев назад

Security update for ghostscript

EPSS

Процентиль: 69%
0.00635
Низкий

8.8 High

CVSS3

Дефекты

CWE-94