CVE-2023-3044
LowCVSS 3.3Exploitation Probability (EPSS)
Low risk26th percentile — higher than 26% of all known CVEs
Summary
Xpdf has a vulnerability related to excessively large PDF page sizes, which can lead to a divide-by-zero error in the text extraction code. This issue was discovered during fuzz testing and is unlikely to occur in normal PDF files.
Risk Assessment
Organizations may face application crashes or unexpected behavior when processing atypical PDF files, potentially leading to data loss or service interruptions.
Recommendation
It is recommended to monitor and restrict the processing of PDF files with unusual page sizes and to update Xpdf to the latest version to minimize risk.
Original NVD description (English source)
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.

