CVE-2024-7868
Aug. 15, 2024, 9:15 p.m.
Tags
Product(s) Impacted
Xpdf
- 4.05 and earlier
Description
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
Weaknesses
CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
CWE ID: 908Date
Published: Aug. 15, 2024, 9:15 p.m.
Last Modified: Aug. 15, 2024, 9:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
xpdf@xpdfreader.com
References
xpdf@xpdfreader.com