Lucene search
HistoryAug 15, 2024 - 8:15 p.m.
CVE-2024-7866
xpdf 4.05
pdf object loop
stack overflow
pattern resource
infinite recursion
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.
Affected configurations
Node
xpdfreaderxpdfRange≤4.05
| Vendor | Product | Version | CPE |
|---|---|---|---|
| xpdfreader | xpdf | * | cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-7866 Stack overflow in Xpdf 4.05 due to object loop in PDF pattern
2024-08-15 19:50:06
debiancve
debiancve
CVE-2024-7866
2024-08-15 20:15:18
ubuntucve
ubuntucve
CVE-2024-7866
2024-08-15 00:00:00
osv
osv
UBUNTU-CVE-2024-7866
2024-08-15 20:15:00
cve
cve
CVE-2024-7866
2024-08-15 20:15:18
alpinelinux
alpinelinux
CVE-2024-7866
2024-08-15 20:15:18
vulnrichment
vulnrichment
CVE-2024-7866 Stack overflow in Xpdf 4.05 due to object loop in PDF pattern
2024-08-15 19:50:06
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
0
Percentile
13.3%
Related for NVD:CVE-2024-7866