Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-7866

Aug. 15, 2024, 8:15 p.m.

Tags

xpdf@xpdfreader.com
CWE-674
2024-08-15
CVE-2024-7866

Product(s) Impacted

Xpdf

  • 4.05
  • before 4.05

Description

In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.

Weaknesses

CWE-674
Uncontrolled Recursion

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

CWE ID: 674

Date

Published: Aug. 15, 2024, 8:15 p.m.

Last Modified: Aug. 15, 2024, 8:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

xpdf@xpdfreader.com

References

https://www.xpdfreader.com/ xpdf@xpdfreader.com