CVE-2013-7354

Published May 6, 2014

Last updated 8 years ago

Overview

Description: Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-189

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63A83C24-6658-4687-9391-21EE7969A5E4",
            "versionEndIncluding": "1.5.13"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8BA2974-AF9F-4382-B443-F54354B5623A"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE8BC209-45B9-44D6-A26D-0B570ED5BB19"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "468B1A0E-AF58-42C4-9801-D6F83F283360"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6644ED2F-66F3-469D-8233-72FE7321E850"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B36D610D-F86A-4D46-B0F2-884FFA601C69"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8A976DD-87FA-425D-8E07-E3CFC4D3FD05"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F34978D-6ABE-463E-AB48-21CC55B7D157"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3716FF0E-AD20-46F8-B8F6-3EC42D427C90"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A4568BB-F5FF-4BBB-9DA3-E66C2BFA2416"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.5:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5300EC4-B3A0-42C5-8D39-67AB75C47153"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "246CF13F-FDC1-499E-9FC1-5624D54E9E3F"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.6:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5840A8E-AB64-40A9-8BB6-EB6BA51D40B4"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC66FD43-421B-4223-BA32-EC47B51E1091"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.7:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEC9D57C-47F2-4773-85B6-FFB0C4681E0C"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0F5664B-5AB9-4DE4-99AA-8FD32DBA4A4A"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.8:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CD1C8E6-DF35-47F7-877F-001AD62B57CC"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7712376-D776-4814-A041-FBFEAC70ADC3"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.9:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF69B34E-F7FB-4F4C-AF7D-ACD165B1233B"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.10:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7CC2E64-E48C-4DE6-892D-06A0B806A51B"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65DEDF02-9239-497C-94DB-DAF80B6B4F6C"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.11:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BE62DB2-664D-4E0A-840F-09D13E41704A"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CAAECD8-0C16-40CC-BA8A-97DF38BAF668"
          },
          {
            "criteria": "cpe:2.3:a:libpng:libpng:1.5.13:beta:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "561D5D7A-1933-4A6D-940E-8DD035AA31B3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References