CVE-2024-4141

CVSS 3.1 Score 2.9 of 10 (low)

Details

Published Apr 24, 2024
CWE ID 787

Summary

CVE-2024-4141 is a vulnerability affecting Xpdf 4.05 and earlier versions, which involves an out-of-bounds array write. This issue is triggered by an invalid character code found in a Type 1 font. The root cause stems from a bounds check that has been optimized away by contemporary compilers, allowing malicious actors to manipulate data beyond the intended limits, potentially leading to unintended application behavior or system crashes.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share