QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2013-6954

Back to search

CVE-2013-6954

Published: Jan 12, 2014

Modified: Jun 10, 2025

PUBLISHED

Description

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2014:0414
vendor-advisory
x_refsource_REDHAT
GLSA-201406-32
vendor-advisory
x_refsource_GENTOO
FEDORA-2014-1803
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2014:0100
vendor-advisory
x_refsource_SUSE
HPSBUX03091
vendor-advisory
x_refsource_HP
VU#650142
third-party-advisory
x_refsource_CERT-VN
RHSA-2014:0413
vendor-advisory
x_refsource_REDHAT
59058
third-party-advisory
x_refsource_SECUNIA
SSRT101667
vendor-advisory
x_refsource_HP
HPSBUX03092
vendor-advisory
x_refsource_HP
64493
vdb-entry
x_refsource_BID
58974
third-party-advisory
x_refsource_SECUNIA
MDVSA-2014:035
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2014-1754
vendor-advisory
x_refsource_FEDORA
SSRT101668
vendor-advisory
x_refsource_HP
FEDORA-2014-1770
vendor-advisory
x_refsource_FEDORA
FEDORA-2014-1778
vendor-advisory
x_refsource_FEDORA
FEDORA-2014-1766
vendor-advisory
x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now