Medium severity6.5NVD Advisory· Published May 6, 2014· Updated May 6, 2026
CVE-2013-7353
CVE-2013-7353
Description
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.
Affected products
24cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*range: <=1.5.13
- cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.10:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.11:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.12:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.13:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.5:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.6:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.7:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.8:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.9:beta:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.