CVE-2025-7462
BaseFortify
Publication date: 2025-07-12
Last updated on: 2025-11-03
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| artifex | ghostpdl | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-404 | The product does not release or incorrectly releases a resource before it is made available for re-use. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Artifex GhostPDL in the function pdf_ferror within the file devices/vector/gdevpdf.c. It involves a null pointer dereference caused by improper handling in the New Output File Open Error Handler component. An attacker can remotely initiate this issue, potentially causing the program to crash or behave unexpectedly.
How can this vulnerability impact me? :
The vulnerability can lead to a null pointer dereference, which may cause the affected software to crash or become unstable. Since the attack can be initiated remotely, it could result in denial of service or disruption of service availability.
What immediate steps should I take to mitigate this vulnerability?
It is recommended to apply the patch identified by commit 619a106ba4c4abed95110f84d5efcd7aee38c7cb to fix this issue.