Vulnerabilities > CVE-2024-3900 - Out-of-bounds Write vulnerability in Xpdfreader Xpdf

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

NVD

Published: 2024-04-17

Updated: 2025-01-29

Summary

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText.

Part	Description	Count
Application	Xpdfreader Xpdfreader Xpdf 0.2 Xpdfreader Xpdf 0.3 Xpdfreader Xpdf 0.4 Xpdfreader Xpdf 0.5 Xpdfreader Xpdf 0.6 Xpdfreader Xpdf 0.7 Xpdfreader Xpdf 0.7A Xpdfreader Xpdf 0.80 Xpdfreader Xpdf 0.90 Xpdfreader Xpdf 0.91 Xpdfreader Xpdf 0.91A Xpdfreader Xpdf 0.91B Xpdfreader Xpdf 0.91C Xpdfreader Xpdf 0.92 Xpdfreader Xpdf 0.92A Xpdfreader Xpdf 0.92B Xpdfreader Xpdf 0.92C Xpdfreader Xpdf 0.92D Xpdfreader Xpdf 0.92E Xpdfreader Xpdf 0.93 Xpdfreader Xpdf 0.93A Xpdfreader Xpdf 1.00 Xpdfreader Xpdf 1.01 Xpdfreader Xpdf 2.00 Xpdfreader Xpdf 2.01 Xpdfreader Xpdf 2.02 Xpdfreader Xpdf 2.03 Xpdfreader Xpdf 3.00 Xpdfreader Xpdf 3.01 Xpdfreader Xpdf 3.02 Xpdfreader Xpdf 3.03 Xpdfreader Xpdf 3.03-17 Xpdfreader Xpdf 3.04 Xpdfreader Xpdf 3.04-4 Xpdfreader Xpdf 3.04-13 Xpdfreader Xpdf 4.00 Xpdfreader Xpdf 4.0.0 Xpdfreader Xpdf 4.0.1 Xpdfreader Xpdf 4.0.2 Xpdfreader Xpdf 4.01 Xpdfreader Xpdf 4.01.01 Xpdfreader Xpdf 4.02 Xpdfreader Xpdf 4.03 Xpdfreader Xpdf 4.04 Xpdfreader Xpdf 4.05	57