Vulnerability Details CVE-2023-3044
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.
This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.9%
CVSS Severity
CVSS v3 Score 3.3
References
Products affected by CVE-2023-3044
-
cpe:2.3:a:xpdfreader:xpdf:0.2
-
cpe:2.3:a:xpdfreader:xpdf:0.3
-
cpe:2.3:a:xpdfreader:xpdf:0.4
-
cpe:2.3:a:xpdfreader:xpdf:0.5
-
cpe:2.3:a:xpdfreader:xpdf:0.6
-
cpe:2.3:a:xpdfreader:xpdf:0.7
-
cpe:2.3:a:xpdfreader:xpdf:0.7a
-
cpe:2.3:a:xpdfreader:xpdf:0.80
-
cpe:2.3:a:xpdfreader:xpdf:0.90
-
cpe:2.3:a:xpdfreader:xpdf:0.91
-
cpe:2.3:a:xpdfreader:xpdf:0.91a
-
cpe:2.3:a:xpdfreader:xpdf:0.91b
-
cpe:2.3:a:xpdfreader:xpdf:0.91c
-
cpe:2.3:a:xpdfreader:xpdf:0.92
-
cpe:2.3:a:xpdfreader:xpdf:0.92a
-
cpe:2.3:a:xpdfreader:xpdf:0.92b
-
cpe:2.3:a:xpdfreader:xpdf:0.92c
-
cpe:2.3:a:xpdfreader:xpdf:0.92d
-
cpe:2.3:a:xpdfreader:xpdf:0.92e
-
cpe:2.3:a:xpdfreader:xpdf:0.93
-
cpe:2.3:a:xpdfreader:xpdf:0.93a
-
cpe:2.3:a:xpdfreader:xpdf:1.00
-
cpe:2.3:a:xpdfreader:xpdf:1.01
-
cpe:2.3:a:xpdfreader:xpdf:2.00
-
cpe:2.3:a:xpdfreader:xpdf:2.01
-
cpe:2.3:a:xpdfreader:xpdf:2.02
-
cpe:2.3:a:xpdfreader:xpdf:2.03
-
cpe:2.3:a:xpdfreader:xpdf:3.00
-
cpe:2.3:a:xpdfreader:xpdf:3.01
-
cpe:2.3:a:xpdfreader:xpdf:3.02
-
cpe:2.3:a:xpdfreader:xpdf:3.03
-
cpe:2.3:a:xpdfreader:xpdf:3.03-17
-
cpe:2.3:a:xpdfreader:xpdf:3.04
-
cpe:2.3:a:xpdfreader:xpdf:3.04-13
-
cpe:2.3:a:xpdfreader:xpdf:3.04-4
-
cpe:2.3:a:xpdfreader:xpdf:4.0.0
-
cpe:2.3:a:xpdfreader:xpdf:4.0.1
-
cpe:2.3:a:xpdfreader:xpdf:4.0.2
-
cpe:2.3:a:xpdfreader:xpdf:4.00
-
cpe:2.3:a:xpdfreader:xpdf:4.01
-
cpe:2.3:a:xpdfreader:xpdf:4.01.01
-
cpe:2.3:a:xpdfreader:xpdf:4.02
-
cpe:2.3:a:xpdfreader:xpdf:4.03
-
cpe:2.3:a:xpdfreader:xpdf:4.04