Back to search
CVE-2013-7354
Published: May 6, 2014
Modified: Jun 9, 2025
PUBLISHED
Description
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://sourceforge.net/p/libpng/bugs/199/
x_refsource_CONFIRM
openSUSE-SU-2014:0604
vendor-advisory
x_refsource_SUSE
67344
vdb-entry
x_refsource_BID
[oss-security] 20140410 CVE-2013-7353 CVE-2013-7354 libpng integer overflows
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now