Vulnerability Details CVE-2024-4141
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.4%
CVSS Severity
CVSS v3 Score 2.9
References
Products affected by CVE-2024-4141
-
cpe:2.3:a:xpdfreader:xpdf:0.2
-
cpe:2.3:a:xpdfreader:xpdf:0.3
-
cpe:2.3:a:xpdfreader:xpdf:0.4
-
cpe:2.3:a:xpdfreader:xpdf:0.5
-
cpe:2.3:a:xpdfreader:xpdf:0.6
-
cpe:2.3:a:xpdfreader:xpdf:0.7
-
cpe:2.3:a:xpdfreader:xpdf:0.7a
-
cpe:2.3:a:xpdfreader:xpdf:0.80
-
cpe:2.3:a:xpdfreader:xpdf:0.90
-
cpe:2.3:a:xpdfreader:xpdf:0.91
-
cpe:2.3:a:xpdfreader:xpdf:0.91a
-
cpe:2.3:a:xpdfreader:xpdf:0.91b
-
cpe:2.3:a:xpdfreader:xpdf:0.91c
-
cpe:2.3:a:xpdfreader:xpdf:0.92
-
cpe:2.3:a:xpdfreader:xpdf:0.92a
-
cpe:2.3:a:xpdfreader:xpdf:0.92b
-
cpe:2.3:a:xpdfreader:xpdf:0.92c
-
cpe:2.3:a:xpdfreader:xpdf:0.92d
-
cpe:2.3:a:xpdfreader:xpdf:0.92e
-
cpe:2.3:a:xpdfreader:xpdf:0.93
-
cpe:2.3:a:xpdfreader:xpdf:0.93a
-
cpe:2.3:a:xpdfreader:xpdf:1.00
-
cpe:2.3:a:xpdfreader:xpdf:1.01
-
cpe:2.3:a:xpdfreader:xpdf:2.00
-
cpe:2.3:a:xpdfreader:xpdf:2.01
-
cpe:2.3:a:xpdfreader:xpdf:2.02
-
cpe:2.3:a:xpdfreader:xpdf:2.03
-
cpe:2.3:a:xpdfreader:xpdf:3.00
-
cpe:2.3:a:xpdfreader:xpdf:3.01
-
cpe:2.3:a:xpdfreader:xpdf:3.02
-
cpe:2.3:a:xpdfreader:xpdf:3.03
-
cpe:2.3:a:xpdfreader:xpdf:3.03-17
-
cpe:2.3:a:xpdfreader:xpdf:3.04
-
cpe:2.3:a:xpdfreader:xpdf:3.04-13
-
cpe:2.3:a:xpdfreader:xpdf:3.04-4
-
cpe:2.3:a:xpdfreader:xpdf:4.0.0
-
cpe:2.3:a:xpdfreader:xpdf:4.0.1
-
cpe:2.3:a:xpdfreader:xpdf:4.0.2
-
cpe:2.3:a:xpdfreader:xpdf:4.00
-
cpe:2.3:a:xpdfreader:xpdf:4.01
-
cpe:2.3:a:xpdfreader:xpdf:4.01.01
-
cpe:2.3:a:xpdfreader:xpdf:4.02
-
cpe:2.3:a:xpdfreader:xpdf:4.03
-
cpe:2.3:a:xpdfreader:xpdf:4.04
-
cpe:2.3:a:xpdfreader:xpdf:4.05