CVE-2024-4976

Severity: 2.1 LOW
EPSS: 0.1% (top 81.83%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: May 15

Description

Out-of-bounds array write in Xpdf 4.05 and earlier, due to a missing object type check in an AcroForm field reference.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L

Affected Packages (2 packages)

CVEListV5: xpdf/xpdf 4.05
NVD: xpdfreader/xpdf 4.05

🔴Vulnerability Details

3 entries

GHSA: GHSA-qvmh-c8p3-rp3h: Out-of-bounds array write in Xpdf 4 (2024-05-15)
OSV: CVE-2024-4976: Out-of-bounds array write in Xpdf 4 (2024-05-15)
CVEList: Out-of-bounds array write in Xpdf 4.05 due to missing object type check (2024-05-15)

📋Vendor Advisories

1 entry

Red Hat: xpdf: Out-of-bounds array write due to missing object type check (2024-05-15)
CVE-2024-4976 (LOW CVSS 2.1) | Out-of-bounds array write in Xpdf 4 | cvebase.io