Xpdf Out-of-Bounds Write Vulnerability Due to Integer Overflow in PostScript Function Interpreter

Vulnerability

A vulnerability allowing out-of-bounds array writes has been identified in Xpdf versions through 4.05. This issue arises from improper integer overflow checks in the PostScript function interpreter, which could potentially be exploited to write data outside the bounds of allocated arrays.
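The class of flaw described above, shown as an added illustration that is not Xpdf's code: a simplified, hypothetical operand stack where a bounds check that adds an untrusted operand before comparing wraps around and admits an out-of-range index, next to a check that cannot overflow. All names here (OperandStack, STACK_SIZE, index_ok_flawed, index_ok_safe, stack_store) and the stack layout are assumptions made for the example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define STACK_SIZE 100   /* hypothetical operand-stack capacity */

typedef struct {
    double slots[STACK_SIZE];
    int sp;              /* index of the top entry; grows downward, empty == STACK_SIZE */
} OperandStack;

/* Flawed check: adds the untrusted operand first, then compares. The sum is
 * formed with unsigned wraparound so the demo shows the 32-bit overflow
 * without undefined behaviour (two's-complement conversion, as on gcc/clang). */
static bool index_ok_flawed(const OperandStack *s, int i) {
    int32_t idx = (int32_t)((uint32_t)s->sp + (uint32_t)i);
    return idx < STACK_SIZE;
}

/* Hardened check: reject negatives, then compare against the live depth by
 * subtraction, which cannot overflow because 0 <= sp <= STACK_SIZE. */
static bool index_ok_safe(const OperandStack *s, int i) {
    return i >= 0 && i < STACK_SIZE - s->sp;
}

/* Overwrite the entry i positions below the top; false means rejected. */
static bool stack_store(OperandStack *s, int i, double v) {
    if (!index_ok_safe(s, i)) return false;
    s->slots[s->sp + i] = v;
    return true;
}

/* True when the flawed check accepts an operand whose real slot index,
 * computed in 64 bits, lies outside slots[0..STACK_SIZE-1]. */
static bool flawed_check_admits_oob(const OperandStack *s, int i) {
    int64_t idx = (int64_t)s->sp + i;
    return index_ok_flawed(s, i) && (idx < 0 || idx >= STACK_SIZE);
}

int main(void) {
    OperandStack s = { .sp = 98 };            /* constructed state: two live entries */
    int samples[] = { 1, 2, -200, INT_MAX };  /* constructed operands */
    for (int k = 0; k < 4; k++)
        printf("i=%d flawed_admits_oob=%d safe_store=%d\n", samples[k],
               flawed_check_admits_oob(&s, samples[k]), stack_store(&s, samples[k], 0.0));
    return 0;
}
```

The hardened form keeps the untrusted value on one side of the comparison and only does arithmetic on values the interpreter already controls.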

Impact

Exploitation of this vulnerability could lead to memory corruption, allowing for arbitrary code execution or causing a denial-of-service condition.

Remediation

Users can upgrade to Xpdf version 4.06 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.