CVE-2025-11896
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-16
Last updated on: 2025-10-21
Assigner: Glyph & Cog, LLC
Description
Description
In Xpdf 4.05 (and earlier), a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| xpdf | xpdf | 4.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-674 | The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
The vulnerability can cause a stack overflow due to infinite recursion, which may lead to application crashes or denial of service when processing crafted PDF files.
Can you explain this vulnerability to me?
This vulnerability in Xpdf 4.05 and earlier involves a PDF object loop in a CMap through the "UseCMap" entry, which causes infinite recursion and results in a stack overflow.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70