Libpng
CVE-2018-13785
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionCVE.org
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
AnalysisAI
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. Affected products include: Libpng, Canonical Ubuntu Linux, Oracle Jdk, Oracle Jre, Redhat Enterprise Linux Desktop.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows
Denial of service (with limited memory disclosure) in libpng before 1.6.55 lets an attacker supply a specially crafted b
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL poi
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics)
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics)
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics)
png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. Rated medium severity (CVS
An issue has been found in libpng 1.6.34. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable,
Libpng versions 1.6.51-1.6.53 contain a heap buffer over-read in the simplified API function png_image_finish_read when
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via png_creat
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngim
Same weakness CWE-190 – Integer Overflow or Wraparound
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today