Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2018-13785
Analyzed
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-09 Jul, 2018 | 13:29
Updated At-27 Jun, 2022 | 17:35

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
libpng
libpng
>>libpng>>1.6.34
cpe:2.3:a:libpng:libpng:1.6.34:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>17.10
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>18.04
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update201:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update191:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.8.0
cpe:2.3:a:oracle:jdk:1.8.0:update181:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>11.0.0
cpe:2.3:a:oracle:jdk:11.0.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update201:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update191:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.8.0
cpe:2.3:a:oracle:jre:1.8.0:update181:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>11.0.0
cpe:2.3:a:oracle:jre:11.0.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_desktop>>7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server>>6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_server>>7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_workstation>>6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>enterprise_linux_workstation>>7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE-369Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlcve@mitre.org
Patch
Vendor Advisory
http://www.securityfocus.com/bid/105599cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041889cve@mitre.org
Broken Link
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:3000cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3001cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3002cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3003cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3007cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3008cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3533cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3534cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3671cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3672cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3779cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3852cve@mitre.org
Third Party Advisory
https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2cve@mitre.org
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201908-10cve@mitre.org
Third Party Advisory
https://security.netapp.com/advisory/ntap-20181018-0001/cve@mitre.org
Third Party Advisory
https://sourceforge.net/p/libpng/bugs/278/cve@mitre.org
Third Party Advisory
https://usn.ubuntu.com/3712-1/cve@mitre.org
Third Party Advisory
Change History
0Changes found
Details not found