The article describes the vulnerability in some detail so you don't have to rely on the rating at all. In fact, you can completely ignore any mention of CVEs lose nothing.
I believe that by default on osx %n is only respected if the format string is in readonly memory, I thought the default in Linux was to just ignore it?
9 comments
[ 5.8 ms ] story [ 40.1 ms ] threadhttps://tracker.debian.org/pkg/ghostscript
If thats the qualification for "remote" then you can say that every attack is remote and it clearly isnt.
I believe that by default on osx %n is only respected if the format string is in readonly memory, I thought the default in Linux was to just ignore it?