CVE-2025-2574 - Vulnerability Details - OpenCVE

Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.

Attack Vector Local

Attack Complexity High

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact Low

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Xpdf	Xpdf

No data.

No data.

References

Link	Providers
https://www.xpdfreader.com/security-bug/CVE-2025-2574.html

History

Mon, 06 Oct 2025 22:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-787	CWE-190

Fri, 21 Mar 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 20 Mar 2025 21:15:00 +0000

Type	Values Removed	Values Added
Description		Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.
Title		Out-of-bounds array write in Xpdf 4.05 due to incorrect integer overflow checking
Weaknesses		CWE-787
References		https://www.xpdfreader.com/security-bug/CVE-2025-2574.html
Metrics		cvssV4_0 `{'score': 2.1, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L'}`

MITRE

Status: PUBLISHED

Assigner: GandC

Published: 2025-03-20T21:07:46.499Z

Updated: 2025-10-06T22:32:59.827Z

Reserved: 2025-03-20T20:58:33.490Z

Link: CVE-2025-2574

Vulnrichment

Updated: 2025-03-21T15:13:52.649Z

NVD

Status : Awaiting Analysis

Published: 2025-03-20T21:15:23.880

Modified: 2025-10-06T23:15:33.957

Link: CVE-2025-2574

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2574", "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "state": "PUBLISHED", "assignerShortName": "GandC", "dateReserved": "2025-03-20T20:58:33.490Z", "datePublished": "2025-03-20T21:07:46.499Z", "dateUpdated": "2025-10-06T22:32:59.827Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["all"], "product": "Xpdf", "vendor": "Xpdf", "versions": [{"lessThanOrEqual": "4.05", "status": "affected", "version": "Version", "versionType": "version"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Erik Viken"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code."}], "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 2.1, "baseSeverity": "LOW", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC", "dateUpdated": "2025-10-06T22:32:59.827Z"}, "references": [{"url": "https://www.xpdfreader.com/security-bug/CVE-2025-2574.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Out-of-bounds array write in Xpdf 4.05 due to incorrect integer overflow checking", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-21T15:13:48.238926Z", "id": "CVE-2025-2574", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-21T15:13:55.504Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2574", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-21T15:13:48.238926Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-21T15:13:52.649Z"}}], "cna": {"title": "Out-of-bounds array write in Xpdf 4.05 due to incorrect integer overflow checking", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Erik Viken"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 2.1, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "LOW", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Xpdf", "product": "Xpdf", "versions": [{"status": "affected", "version": "Version", "versionType": "version", "lessThanOrEqual": "4.05"}], "platforms": ["all"], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.xpdfreader.com/security-bug/CVE-2025-2574.html"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.", "supportingMedia": [{"type": "text/html", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "shortName": "GandC", "dateUpdated": "2025-10-06T22:32:59.827Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2574", "state": "PUBLISHED", "dateUpdated": "2025-10-06T22:32:59.827Z", "dateReserved": "2025-03-20T20:58:33.490Z", "assignerOrgId": "ace9cabe-4f4f-416b-8c39-b0e002761924", "datePublished": "2025-03-20T21:07:46.499Z", "assignerShortName": "GandC"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code."}, {"lang": "es", "value": "Escritura de matriz fuera de los l\u00edmites en Xpdf 4.05 y versiones anteriores, debido a una verificaci\u00f3n incorrecta de desbordamiento de enteros en el c\u00f3digo del int\u00e9rprete de funciones PostScript."}], "id": "CVE-2025-2574", "lastModified": "2025-10-06T23:15:33.957", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "xpdf@xpdfreader.com", "type": "Secondary"}]}, "published": "2025-03-20T21:15:23.880", "references": [{"source": "xpdf@xpdfreader.com", "url": "https://www.xpdfreader.com/security-bug/CVE-2025-2574.html"}], "sourceIdentifier": "xpdf@xpdfreader.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "xpdf@xpdfreader.com", "type": "Secondary"}]}