fkie_cve-2013-6954
Vulnerability from fkie_nvd
Published
2014-01-12 18:34
Modified
2025-06-10 14:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
References
cret@cert.orghttp://advisories.mageia.org/MGASA-2014-0075.html
cret@cert.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-February/127947.html
cret@cert.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-February/127952.html
cret@cert.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-February/128098.html
cret@cert.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-February/128099.html
cret@cert.orghttp://lists.fedoraproject.org/pipermail/package-announce/2014-February/128114.html
cret@cert.orghttp://lists.opensuse.org/opensuse-updates/2014-01/msg00071.html
cret@cert.orghttp://marc.info/?l=bugtraq&m=140852886808946&w=2
cret@cert.orghttp://marc.info/?l=bugtraq&m=140852974709252&w=2
cret@cert.orghttp://secunia.com/advisories/58974
cret@cert.orghttp://secunia.com/advisories/59058
cret@cert.orghttp://security.gentoo.org/glsa/glsa-201406-32.xml
cret@cert.orghttp://sourceforge.net/p/libpng/code/ci/1faa6ff32c648acfe3cf30a58d31d7aebc24968cExploit, Patch
cret@cert.orghttp://sourceforge.net/projects/libpng/files/libpng16/1.6.8/Patch
cret@cert.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21672080
cret@cert.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21676746
cret@cert.orghttp://www.kb.cert.org/vuls/id/650142US Government Resource
cret@cert.orghttp://www.libpng.org/pub/png/libpng.html
cret@cert.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2014:035
cret@cert.orghttp://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
cret@cert.orghttp://www.securityfocus.com/bid/64493
cret@cert.orghttps://access.redhat.com/errata/RHSA-2014:0413
cret@cert.orghttps://access.redhat.com/errata/RHSA-2014:0414
cret@cert.orghttps://bugzilla.redhat.com/show_bug.cgi?id=1045561
cret@cert.orghttps://www.ibm.com/support/docview.wss?uid=swg21675973
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2014-0075.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127947.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127952.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128098.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128099.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128114.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-01/msg00071.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140852886808946&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140852974709252&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58974
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59058
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201406-32.xml
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/p/libpng/code/ci/1faa6ff32c648acfe3cf30a58d31d7aebc24968cExploit, Patch
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/projects/libpng/files/libpng16/1.6.8/Patch
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21672080
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676746
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/650142US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.libpng.org/pub/png/libpng.html
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2014:035
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/64493
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2014:0413
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2014:0414
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1045561
af854a3a-2127-422b-91ae-364da2661108https://www.ibm.com/support/docview.wss?uid=swg21675973
Impacted products
Vendor Product Version
libpng libpng *
libpng libpng 1.6.0
libpng libpng 1.6.0
libpng libpng 1.6.1
libpng libpng 1.6.1
libpng libpng 1.6.2
libpng libpng 1.6.2
libpng libpng 1.6.3
libpng libpng 1.6.3
libpng libpng 1.6.4
libpng libpng 1.6.4
libpng libpng 1.6.5
libpng libpng 1.6.6
libpng libpng 1.6.7
libpng libpng 1.6.7


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "C79F2464-B57E-4A57-9763-6159B24E93D7",
              "versionEndIncluding": "1.6.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7A0D174-F35C-488B-8577-00EFB7741089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "051989A3-3F72-4223-98DF-54B0488656F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EDC5DA5-F2A7-4819-BB9D-258EB9AB7857",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "02FCC235-9564-4B92-B1AB-294EAB110E95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27B34D78-C0BC-45DC-AD84-F5F13451ED7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "40C344C8-812C-4EDE-9AD6-31EF7F0E24C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D3A7EC-774C-423F-BDE1-CDCB9433D87B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "B9353E66-56D2-4CD1-BC30-5B2FF0F4E722",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B898B95-CF41-4813-8FE7-776BD59A6A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5D9BF9ED-965A-4BF5-A3EC-FAFCE880F14A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F5E5899-5A3F-49A1-B18C-4C97566B87BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7897EEC-DE43-485A-B2CD-E8623A6D2C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACC16FE2-E94E-45B9-94F0-B6434B21DD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.7:beta:*:*:*:*:*:*",
              "matchCriteriaId": "278434CA-DD56-47FC-9C15-4B9D4159786C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n png_do_expand_palette en libpng anteriores a 1.6.8 permite a atacantes remotos causar una denegaci\u00f3n de servicio (referencia a puntero NULO y crash de la aplicaci\u00f3n) a trav\u00e9s de (1) un chunk PLTE de cero bytes o (2) una paleta NULL, relacionada con pngrtran.c y pngset.c"
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\n\n\"CWE-476: NULL Pointer Dereference\"",
  "id": "CVE-2013-6954",
  "lastModified": "2025-06-10T14:15:22.367",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2014-01-12T18:34:55.893",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://advisories.mageia.org/MGASA-2014-0075.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127947.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127952.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128098.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128099.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128114.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00071.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/58974"
    },
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/59058"
    },
    {
      "source": "cret@cert.org",
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://sourceforge.net/p/libpng/code/ci/1faa6ff32c648acfe3cf30a58d31d7aebc24968c"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/projects/libpng/files/libpng16/1.6.8/"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/650142"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:035"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/64493"
    },
    {
      "source": "cret@cert.org",
      "url": "https://access.redhat.com/errata/RHSA-2014:0413"
    },
    {
      "source": "cret@cert.org",
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "cret@cert.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045561"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://advisories.mageia.org/MGASA-2014-0075.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127947.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127952.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128098.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128099.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128114.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00071.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140852886808946\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140852974709252\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58974"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://sourceforge.net/p/libpng/code/ci/1faa6ff32c648acfe3cf30a58d31d7aebc24968c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/projects/libpng/files/libpng16/1.6.8/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/650142"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:035"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/64493"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2014:0413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045561"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.