Skip to main content

Libpng CVE-2018-13785

MEDIUM
Integer Overflow or Wraparound (CWE-190)
2018-07-09 cve@mitre.org
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jul 09, 2018 - 13:29 cve.org
MEDIUM 6.5

DescriptionCVE.org

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

AnalysisAI

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. Affected products include: Libpng, Canonical Ubuntu Linux, Oracle Jdk, Oracle Jre, Redhat Enterprise Linux Desktop.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.

More in Libpng

View all
CVE-2015-0973 HIGH POC
8.8 Jan 18

Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows

CVE-2026-25646 HIGH POC
8.3 Feb 10

Denial of service (with limited memory disclosure) in libpng before 1.6.55 lets an attacker supply a specially crafted b

CVE-2015-8540 HIGH
8.8 Apr 14

Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.

CVE-2013-6954 MEDIUM POC
6.5 Jan 12

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL poi

CVE-2025-66293 HIGH POC
7.1 Dec 03

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics)

CVE-2025-65018 HIGH POC
7.1 Nov 25

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics)

CVE-2025-64720 HIGH POC
7.1 Nov 25

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics)

CVE-2019-6129 MEDIUM POC
6.5 Jan 11

png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. Rated medium severity (CVS

CVE-2018-14048 MEDIUM POC
6.5 Jul 13

An issue has been found in libpng 1.6.34. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable,

CVE-2026-22695 MEDIUM POC
6.1 Jan 12

Libpng versions 1.6.51-1.6.53 contain a heap buffer over-read in the simplified API function png_image_finish_read when

CVE-2025-28164 MEDIUM POC
5.5 Jan 27

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_creat

CVE-2025-28162 MEDIUM POC
5.5 Jan 27

Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngim

Share

CVE-2018-13785 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy