CVE-2024-7868
Aug. 15, 2024, 9:15 p.m.
None
No Score
Description
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
Product(s) Impacted
Product | Versions |
---|---|
Xpdf |
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
Tags
Timeline
Published: Aug. 15, 2024, 9:15 p.m.
Last Modified: Aug. 15, 2024, 9:15 p.m.
Last Modified: Aug. 15, 2024, 9:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
xpdf@xpdfreader.com
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.