CVE-2024-7867

CWE-190 ā€” Integer OverflowCWE-3695 documents5 sources
Severity
2.1LOW
EPSS
0.1%
top 78.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Xpdf XpdfXpdfreader Xpdf
Timeline
PublishedAug 15

Description

In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Packages2 packages

ā–¶CVEListV5xpdf/xpdf4.05
ā–¶NVDxpdfreader/xpdf4.05

šŸ”“Vulnerability Details

3
OSV
CVE-2024-7867: In Xpdf 4ā†—2024-08-15
ā–¶
GHSA
GHSA-jc6p-q9f6-3qq3: In Xpdf 4ā†—2024-08-15
ā–¶
CVEList
Integer overflow and divide-by-zero in Xpdf 4.05 due to bogus page box coordinatesā†—2024-08-15
ā–¶

šŸ“‹Vendor Advisories

1
Debian
CVE-2024-7867: xpdf - In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an in...ā†—2024
ā–¶
CVE-2024-7867 (LOW CVSS 2.1) | In Xpdf 4.05 (and earlier) | cvebase.io