CVE-2018-13785

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

References

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/105599

http://www.securitytracker.com/id/1041889

https://access.redhat.com/errata/RHSA-2018:3000

https://access.redhat.com/errata/RHSA-2018:3001

https://access.redhat.com/errata/RHSA-2018:3002

https://access.redhat.com/errata/RHSA-2018:3003

https://access.redhat.com/errata/RHSA-2018:3007

https://access.redhat.com/errata/RHSA-2018:3008

https://access.redhat.com/errata/RHSA-2018:3533

https://access.redhat.com/errata/RHSA-2018:3534

https://access.redhat.com/errata/RHSA-2018:3671

https://access.redhat.com/errata/RHSA-2018:3672

https://access.redhat.com/errata/RHSA-2018:3779

https://access.redhat.com/errata/RHSA-2018:3852

https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2

https://security.gentoo.org/glsa/201908-10

https://security.netapp.com/advisory/ntap-20181018-0001/

https://sourceforge.net/p/libpng/bugs/278/

https://usn.ubuntu.com/3712-1/

Details

Source: MITRE

Published: 2018-07-09

Updated: 2020-09-08

Type: CWE-190

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libpng:libpng:1.6.34:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:jdk:1.6.0:update_201:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update191:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update181:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:11.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_201:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_191:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_181:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:11.0.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Tenable Plugins

View all (37 total)

IDNameProductFamilySeverity
136109Photon OS 1.0: Openjdk11 PHSA-2020-1.0-0290NessusPhotonOS Local Security Checks
critical
136100Photon OS 3.0: Openjdk11 PHSA-2020-3.0-0084NessusPhotonOS Local Security Checks
critical
131496EulerOS Virtualization for ARM 64 3.0.3.0 : libpng (EulerOS-SA-2019-2331)NessusHuawei Local Security Checks
medium
127959GLSA-201908-10 : Oracle JDK/JRE: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
126526SUSE SLED15 / SLES15 Security Update : libpng16 (SUSE-SU-2019:1398-2)NessusSuSE Local Security Checks
medium
125797openSUSE Security Update : libpng16 (openSUSE-2019-1530)NessusSuSE Local Security Checks
medium
125677SUSE SLED15 / SLES15 Security Update : libpng16 (SUSE-SU-2019:1398-1)NessusSuSE Local Security Checks
medium
700659Oracle Java SE 6 < Update 211 / 7 < Update 201 / 8 < Update 191 / 11 < Update 1 Multiple Vulnerabilities (October 2018 CPU)Nessus Network MonitorWeb Clients
medium
121152openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2019-43)NessusSuSE Local Security Checks
critical
121151openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2019-42) (Spectre)NessusSuSE Local Security Checks
medium
121092SUSE SLED15 / SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2019:0058-1)NessusSuSE Local Security Checks
critical
121091SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2019:0057-1)NessusSuSE Local Security Checks
critical
121059SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2019:0049-1) (Spectre)NessusSuSE Local Security Checks
medium
120723Fedora 28 : libpng15 (2018-b48e0b8761)NessusFedora Local Security Checks
medium
120209Fedora 28 : libpng10 (2018-04eded822e)NessusFedora Local Security Checks
medium
120207Fedora 28 : 2:libpng (2018-043bd3349e)NessusFedora Local Security Checks
medium
120167SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2018:3868-1)NessusSuSE Local Security Checks
critical
119801RHEL 6 : java-1.8.0-ibm (RHSA-2018:3852)NessusRed Hat Local Security Checks
critical
119578SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2018:4064-1)NessusSuSE Local Security Checks
critical
119443RHEL 6 : java-1.7.1-ibm (RHSA-2018:3779)NessusRed Hat Local Security Checks
medium
119285SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2018:3933-1)NessusSuSE Local Security Checks
medium
119282SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2018:3921-1)NessusSuSE Local Security Checks
medium
119281SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2018:3920-1)NessusSuSE Local Security Checks
medium
119175RHEL 7 : java-1.7.1-ibm (RHSA-2018:3672)NessusRed Hat Local Security Checks
medium
119174RHEL 6 : java-1.7.1-ibm (RHSA-2018:3671)NessusRed Hat Local Security Checks
medium
118865RHEL 7 : java-1.8.0-ibm (RHSA-2018:3534)NessusRed Hat Local Security Checks
critical
118864RHEL 6 : java-1.8.0-ibm (RHSA-2018:3533)NessusRed Hat Local Security Checks
critical
118377RHEL 6 : java-1.6.0-sun (RHSA-2018:3008)NessusRed Hat Local Security Checks
high
118376RHEL 7 : java-1.6.0-sun (RHSA-2018:3007)NessusRed Hat Local Security Checks
high
118372RHEL 6 : java-1.8.0-oracle (RHSA-2018:3003)NessusRed Hat Local Security Checks
critical
118371RHEL 7 : java-1.8.0-oracle (RHSA-2018:3002)NessusRed Hat Local Security Checks
critical
118370RHEL 7 : java-1.7.0-oracle (RHSA-2018:3001)NessusRed Hat Local Security Checks
high
118369RHEL 6 : java-1.7.0-oracle (RHSA-2018:3000)NessusRed Hat Local Security Checks
high
118228Oracle Java SE Multiple Vulnerabilities (October 2018 CPU)NessusWindows
critical
118227Oracle Java SE Multiple Vulnerabilities (October 2018 CPU) (Unix)NessusMisc.
critical
111397Fedora 27 : libpng10 (2018-3e04e9fe54)NessusFedora Local Security Checks
medium
111040Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : libpng vulnerabilities (USN-3712-1)NessusUbuntu Local Security Checks
high