CVSS 3.1 Score 2.9 of 10 (low)


Published Apr 24, 2024
CWE ID 787


CVE-2024-4141 is an out-of-bounds array write in Xpdf 4.05 and earlier versions, triggered by an invalid character code in a Type 1 font. The issue arises from a bounds check that modern compilers optimize away, so the invalid code reaches the array write unchecked. The base severity is low, with a CVSS score of 2.9, though an out-of-bounds array write still poses a potential danger to organizations. The exploitability score is also low at 1.4: the attack vector is local, and no privileges or user interaction are required. To remediate this vulnerability, update Xpdf to the latest version available.
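
How a bounds check on a font character code can be optimized away, shown as an added C example that is not Xpdf's code. The function names, the 256-entry table and the digit-accumulation pattern are assumptions for illustration; the page does not show how Xpdf's check was written.

```c
#include <stdio.h>
#include <string.h>

#define ENCODING_SIZE 256 /* a Type 1 Encoding array has 256 slots */

/* Fragile pattern (assumed for illustration, not Xpdf's source): the digits
 * are accumulated in a signed int, so a long digit run overflows, which is
 * undefined behaviour. The compiler may assume overflow never happens,
 * conclude code >= 0 always holds, and delete that half of the test. */
int set_encoding_fragile(const char *enc[], const char *s, const char *name) {
    int code = 0;
    for (; *s >= '0' && *s <= '9'; ++s)
        code = code * 10 + (*s - '0');
    if (code >= 0 && code < ENCODING_SIZE) { /* lower bound can be elided */
        enc[code] = name;
        return 0;
    }
    return -1;
}

/* Hardened form: unsigned accumulator, rejected as soon as it leaves the
 * table range, so the value never exceeds 2559 and nothing can wrap. */
int set_encoding_checked(const char *enc[], const char *s, const char *name) {
    unsigned code = 0;
    if (*s < '0' || *s > '9')
        return -1; /* no digits at all (also rejects a leading '-') */
    for (; *s >= '0' && *s <= '9'; ++s) {
        code = code * 10 + (unsigned)(*s - '0');
        if (code >= ENCODING_SIZE)
            return -1;
    }
    enc[code] = name;
    return 0;
}

int main(void) {
    const char *enc[ENCODING_SIZE] = {0};
    /* Constructed inputs: one valid code, one long enough to overflow an int. */
    printf("65 -> %d\n", set_encoding_checked(enc, "65", "A"));
    printf("4294967200 -> %d\n", set_encoding_checked(enc, "4294967200", "X"));
    return 0;
}
```

Building the parser with `-fsanitize=undefined`, or with `-fwrapv` on GCC and Clang, is a way to surface or neutralize checks that depend on signed overflow.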
