Security Advisory

CVE-2024-7868

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-15 20:22:52

Last updated 2025-10-06 22:31:57

Assigner GandC

State PUBLISHED

Description

In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.

← Browse all CVEs View on cve.org ↗