CVSS 3.1 Score 2.9 of 10 (low)


Published Apr 17, 2024
CWE ID 787


CVE-2024-3900 is a vulnerability that affects Xpdf 4.05 and earlier versions. It is categorized as an out-of-bounds array write, triggered by a long Unicode sequence in ActualText. The risk score for this vulnerability is 5, indicating a moderate level of risk. The base severity is rated as low, with a score of 2.9. The exploitability score is 1.4, suggesting that it can be relatively easily exploited. This vulnerability poses a potential danger to organizations using Xpdf, as it could allow attackers to execute arbitrary code or cause denial of service attacks. To remediate this vulnerability, users should update to the latest version of Xpdf once a patch becomes available.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-3900 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options