Loading
Generated remediation guidance and an executive summary. No account required.
In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.
Use CWE-457, Xpdfreader vendor hub and Xpdf product page to widen CVE-2024-7868 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2022-48545, CVE-2023-3436 and CVE-2024-4568 for nearby disclosures in the same product family.