Articles by @sigabrt9

Shell in the Ghost: Ghostscript CVE-2023-28879 writeup

Published on Tue 11 April 2023 by @sigabrt9

This write-up details how CVE-2023-28879 - an RCE in Ghostscript - was found and exploited. Due to the prevalence of Ghostscript in PostScript processing, this vulnerability may be reachable in many applications that process images or PDF files (think ImageMagick, PIL, etc.), making this an important one to patch and look out for.