CVE-2023-3044

Summary

An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.

This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.

Affected Software

VendorProductVersion RangeStatus
XpdfXpdf4.04affected

Weaknesses

  • CWE-369: CWE-369 Divide By Zero

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References