Executive Summary

Informations
NameCVE-2018-14048First vendor Publication2018-07-13
VendorCveLast vendor Modification2019-04-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14048

CWE : Common Weakness Enumeration

%idName
100 %CWE-399Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application4
Application4

Sources (Detail)

SourceUrl
BUGTRAQ https://seclists.org/bugtraq/2019/Apr/30
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
MISC http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpn...
https://github.com/fouzhe/security/tree/master/libpng
https://github.com/glennrp/libpng/issues/238

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2019-04-18 21:19:03
  • Multiple Updates
2019-04-18 13:19:28
  • Multiple Updates
2019-02-08 21:19:22
  • Multiple Updates
2018-10-17 09:20:21
  • Multiple Updates
2018-09-05 21:20:45
  • Multiple Updates
2018-07-13 21:19:30
  • First insertion