Shell in the Ghost: Ghostscript CVE-2023-28879 writeup
This write-up details how CVE-2023-28879 - an RCE in Ghostscript - was found and exploited. Due to the prevalence of Ghostscript in PostScript processing, this vulnerability may be reachable in many applications that process images or PDF files (e.g. ImageMagick, PIL, etc.), making this an important one to patch and look out for. The vulnerability was found by fuzzing Ghostscript with a grammar-oriented methodology, and it allows an attacker to execute arbitrary code on the vulnerable system. CVEs: CVE-2023-28879, CVE-2021-3781 [View Article](https://offsec.almond.consulting/ghostscript-cve-2023-28879.html)