CVE-2018-13785

Summary

CVE	CVE-2018-13785
State	PUBLISHED
Assigner	mitre
Source Priority	CVE Program / NVD first with legacy fallback
Published	2018-07-09 13:29:00 UTC
Updated	2026-05-29 21:16:32 UTC
Description	In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.

Risk And Classification

Primary CVSS: v3.1 6.5 MEDIUM from [email protected]

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS: 0.030680000 probability, percentile 0.869800000 (date 2026-06-02)

Problem Types: CWE-190 | CWE-369 | n/a | CWE-369 CWE-369 Divide By Zero | CWE-190 CWE-190 Integer Overflow or Wraparound

Version	Source	Type	Score	Severity	Vector
3.1	[email protected]	Primary	6.5	MEDIUM	`CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H`
3.1	ADP	DECLARED	6.5	MEDIUM	`CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H`
3.1	134c704f-9b21-4f2e-91b3-4a467353bcc0	Secondary	6.5	MEDIUM	`CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H`
2.0	[email protected]	Primary	4.3		`AV:N/AC:M/Au:N/C:N/I:N/A:P`

CVSS v3.1 Breakdown

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Canonical	Ubuntu Linux	14.04	All	All	All
Operating System	Canonical	Ubuntu Linux	16.04	All	All	All
Operating System	Canonical	Ubuntu Linux	17.10	All	All	All
Operating System	Canonical	Ubuntu Linux	18.04	All	All	All
Application	Libpng	Libpng	1.6.34	All	All	All
Application	Oracle	Jdk	1.6.0	update201	All	All
Application	Oracle	Jdk	1.7.0	update191	All	All
Application	Oracle	Jdk	1.8.0	update181	All	All
Application	Oracle	Jdk	11.0.0	All	All	All
Application	Oracle	Jre	1.6.0	update201	All	All
Application	Oracle	Jre	1.7.0	update191	All	All
Application	Oracle	Jre	1.8.0	update181	All	All
Application	Oracle	Jre	11.0.0	All	All	All
Operating System	Redhat	Enterprise Linux Desktop	6.0	All	All	All
Operating System	Redhat	Enterprise Linux Desktop	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Server	6.0	All	All	All
Operating System	Redhat	Enterprise Linux Server	7.0	All	All	All
Operating System	Redhat	Enterprise Linux Workstation	6.0	All	All	All
Operating System	Redhat	Enterprise Linux Workstation	7.0	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
CPU Oct 2018	af854a3a-2127-422b-91ae-364da2661108	www.oracle.com	Patch, Vendor Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
October 2018 Java Platform Standard Edition Vulnerabilities in NetApp Products \| NetApp Product Security	af854a3a-2127-422b-91ae-364da2661108	security.netapp.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Oracle Java SE Multiple Bugs Let Remote Users Gain Elevated Privileges, Remote and Local Users Access and Modify Data, and Remote Users Deny Service - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com	Broken Link, Third Party Advisory, VDB Entry
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
USN-3712-1: libpng vulnerabilities \| Ubuntu security notices \| Ubuntu	af854a3a-2127-422b-91ae-364da2661108	usn.ubuntu.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
Oracle JDK/JRE: Multiple vulnerabilities (GLSA 201908-10) — Gentoo security	af854a3a-2127-422b-91ae-364da2661108	security.gentoo.org	Third Party Advisory
Oracle Java SE/Java SE Embedded CVE-2018-13785 Remote Security Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com	Broken Link, Third Party Advisory, VDB Entry
LIBPNG: PNG reference library / Bugs / #278 Division by zero causes LibPNG to crash	af854a3a-2127-422b-91ae-364da2661108	sourceforge.net	Third Party Advisory
[libpng16] Fix the calculation of row_factor in png_check_chunk_length · glennrp/libpng@8a05766 · GitHub	af854a3a-2127-422b-91ae-364da2661108	github.com	Patch, Third Party Advisory
Red Hat Customer Portal	af854a3a-2127-422b-91ae-364da2661108	access.redhat.com	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

501207 Alpine Linux Security Update for openjdk7
501216 Alpine Linux Security Update for openjdk8