CVE-2024-4141
CVSS 3.1 Score 2.9 of 10 (low)
Details
Published Apr 24, 2024
CWE ID 787
Summary
CVE-2024-4141 is a vulnerability affecting Xpdf 4.05 and earlier versions, which involves an out-of-bounds array write. This issue is triggered by an invalid character code found in a Type 1 font. The root cause stems from a bounds check that has been optimized away by contemporary compilers, allowing malicious actors to manipulate data beyond the intended limits, potentially leading to unintended application behavior or system crashes.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Xpdf
Affected Vendors
- Glyph & Cog LLC