CVE-2024-2971

Name of the Vulnerable Software and Affected Versions Xpdf versions 4.05 and earlier

Description The issue is an out-of-bounds array write in Xpdf, triggered by a negative object number in an indirect reference in the input PDF file. This occurs when the software processes a PDF file containing a negative object number, leading to an array write operation that exceeds the bounds of the allocated memory.

Recommendations For Xpdf versions 4.05 and earlier, update to a version later than 4.05 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.