by vicarius
log in join community
by @jakaba
18 Aug 2023
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

CVE-2023-36664: Command injection with Ghostscript PoC + exploit

by @jakaba
by @jakaba
18 Aug 2023
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

CVE-2023-36664: Command injection with Ghostscript PoC + exploit

Apps

Ghostscript
GhostscriptArtifex
10.02.0.*
10.01.2.*
10.01.1.*
10.00.0.*
9.533.*
9.56.1.*
9.55.0.*
9.53.0.RC1
9.53.0.RC2
9.53.1.*
G
GhostscriptAladdin Enterprises
5.10.10 1.*
5.50.8 7.*
5.10CL.*
*.*
5.10.16.*
5.10.12cl.*
5.10.15.*
5.10.10.*
6.51.*
5.50.8.*

Screenshots from the blog posts

images/cll8dycvif7as1io82fg9gtd6.pngimages/cll8dycvif7as1io82fg9gtd6.png

PoC video

Summary

Ghostscript command injection vulnerability PoC (CVE-2023-36664)

general

Description

Tags

#CVE-2023-36664#ghostscript#command_injection
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

39 posts

Total vcoins

36.8K

Social media links

Comments (4)