Divide-by-Zero Vulnerability in Xpdf's Text Extraction Code Due to Excessively Large PDF Page Size

Divide-by-Zero Vulnerability in Xpdf's Text Extraction Code Due to Excessively Large PDF Page Size

CVE-2023-3044 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.

Learn more about our Web Application Penetration Testing UK.