CVE-2023-3044: Divide by Zero
First published: Fri Jun 02 2023(Updated: )
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
Credit: xpdf@xpdfreader.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xpdfreader Xpdf | <4.05 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-3044?
CVE-2023-3044 is a vulnerability in Xpdf's text extraction code that occurs when there is an excessively large PDF page size, resulting in a divide-by-zero error.
How does CVE-2023-3044 occur?
CVE-2023-3044 occurs when an extremely large PDF page size is encountered in Xpdf's text extraction code.
What is the severity level of CVE-2023-3044?
The severity of CVE-2023-3044 is low, with a severity value of 3.3.
Which software is affected by CVE-2023-3044?
The Xpdf software, specifically version up to exclusive 4.05, is affected by CVE-2023-3044.
How can I fix CVE-2023-3044?
To fix CVE-2023-3044, update your Xpdf software to a version that is not affected, if available.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- collector/nvd-latest
- vendor/xpdfreader
- canonical/xpdfreader xpdf