What the vulnerability does
01Description
Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference.
CVE-2024-4976
LOW
CVE-2024-4976: Out-of-bounds array write in Xpdf 4.05 due to missing object type check
CVSS base score
2.1/10
CVSS vector
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
Key dates
02Disclosure timeline
May 15, 2024
CVE published
August 1, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-44988 LibVNCClient Tight Gradient decoding allows malicious server-triggered heap/stack OOB writes
CVE-2024-7695 Out-of-bounds Write Vulnerability
CVE-2018-25217 PDF Explorer 1.5.66.2 Structured Exception Handler Local Code Execution
CVE-2025-47724 Out-of-bounds Write in CNCSoft
CVE-2023-22238 Adobe After Effects Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
