Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-3248

In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.

Published

2024-04-02T23:15:55.493

Last Modified

2025-01-29T16:18:20.637

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 2.9 (LOW)

Weaknesses

Type: Secondary
CWE-674
Type: Primary
CWE-674

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	xpdfreader	xpdf	≤ 4.05	Yes

References

https://forum.xpdfreader.com/viewtopic.php?t=43657 Exploit, Vendor Advisory ([email protected])
https://forum.xpdfreader.com/viewtopic.php?t=43657 Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)