Lucene search
HistoryMay 06, 2014 - 2:55 p.m.
CVE-2013-7353
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.004
Percentile
74.0%
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.
Affected configurations
Node
libpnglibpngRange≤1.5.13
ORlibpnglibpngMatch1.5.0beta
ORlibpnglibpngMatch1.5.1
ORlibpnglibpngMatch1.5.1beta
ORlibpnglibpngMatch1.5.2
ORlibpnglibpngMatch1.5.2beta
ORlibpnglibpngMatch1.5.3beta
ORlibpnglibpngMatch1.5.4
ORlibpnglibpngMatch1.5.4beta
ORlibpnglibpngMatch1.5.5
ORlibpnglibpngMatch1.5.5beta
ORlibpnglibpngMatch1.5.6
ORlibpnglibpngMatch1.5.6beta
ORlibpnglibpngMatch1.5.7
ORlibpnglibpngMatch1.5.7beta
ORlibpnglibpngMatch1.5.8
ORlibpnglibpngMatch1.5.8beta
ORlibpnglibpngMatch1.5.9
ORlibpnglibpngMatch1.5.9beta
ORlibpnglibpngMatch1.5.10beta
ORlibpnglibpngMatch1.5.11
ORlibpnglibpngMatch1.5.11beta
ORlibpnglibpngMatch1.5.12
ORlibpnglibpngMatch1.5.13beta
| Vendor | Product | Version | CPE |
|---|---|---|---|
| libpng | libpng | * | cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.0 | cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.1 | cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.1 | cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.2 | cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.2 | cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.3 | cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.4 | cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:* |
| libpng | libpng | 1.5.4 | cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:* |
| libpng | libpng | 1.5.5 | cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2013-7353
2014-05-06 00:00:00
debiancve
debiancve
CVE-2013-7353
2014-05-06 14:55:05
cvelist
cvelist
CVE-2013-7353
2014-05-06 14:00:00
cve
cve
CVE-2013-7353
2014-05-06 14:55:05
prion
prion
Integer overflow
2014-05-06 14:55:00
nessus
nessus
EulerOS Virtualization 3.0.2.2 : libpng (EulerOS-SA-2020-1496)
2020-04-16 00:00:00
EulerOS 2.0 SP5 : libpng (EulerOS-SA-2019-1975)
2019-09-23 00:00:00
openSUSE Security Update : libpng15 (openSUSE-SU-2014:0616-1)
2014-06-13 00:00:00
mageia
mageia
Updated libpng packages fix two security vulnerabilities
2014-05-10 23:36:04
Updated libpng packages fix two security vulnerabilities
2014-05-10 23:34:01
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0210)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2014-0211)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2020-1496)
2020-04-16 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: mingw-libpng-1.5.18-1.fc19
2014-06-10 03:13:40
securityvulns
securityvulns
[ MDVSA-2014:084 ] libpng
2014-05-15 00:00:00
libpng security vulnerabilities
2015-04-20 00:00:00
gentoo
gentoo
libpng: Multiple vulnerabilities
2014-08-14 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1884
2021-07-02 17:16:15
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
High
EPSS
0.004
Percentile
74.0%
Related for NVD:CVE-2013-7353