PT-2018-12184 · Oracle+6 · Oracle Java Se+7

Thuan Pham

·

Published

2018-07-09

·

Updated

2024-06-15

·

CVE-2018-13785

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions libpng version 1.6.34 Oracle Java SE (affected versions not specified)
Description The issue is related to a wrong calculation that may trigger an integer overflow and resultant divide-by-zero while processing a crafted file, leading to a denial of service. An unspecified vulnerability in Oracle Java SE could allow an unauthenticated attacker to take control of the system.
Recommendations For libpng version 1.6.34, consider updating to a newer version to mitigate the risk. For Oracle Java SE, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Integer Overflow

Divide By Zero

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-369

Related Identifiers

ALT-PU-2018-2451
CVE-2018-13785
MGASA-2018-0468
OPENSUSE-SU-2019:0043-1
OPENSUSE-SU-2019:1530-1
OPENSUSE-SU-2019_0042-1
OPENSUSE-SU-2019_0043-1
OPENSUSE-SU-2019_1530-1
OPENSUSE-SU-2024:10876-1
OPENSUSE-SU-2024:10972-1
RHSA-2018:3000
RHSA-2018:3001
RHSA-2018:3002
RHSA-2018:3003
RHSA-2018:3007
RHSA-2018:3008
RHSA-2018:3533
RHSA-2018:3534
RHSA-2018:3671
RHSA-2018:3672
RHSA-2018:3779
RHSA-2018:3852
RHSA-2018_3000
RHSA-2018_3001
RHSA-2018_3002
RHSA-2018_3003
RHSA-2018_3007
RHSA-2018_3008
RHSA-2018_3533
RHSA-2018_3534
RHSA-2018_3671
RHSA-2018_3672
SUSE-SU-2018:3868-1
SUSE-SU-2018:3920-1
SUSE-SU-2018:3921-1
SUSE-SU-2018:3933-1
SUSE-SU-2018:3933-2
SUSE-SU-2018:4064-1
SUSE-SU-2018:4064-2
SUSE-SU-2018_3868-1
SUSE-SU-2018_3920-1
SUSE-SU-2018_3921-1
SUSE-SU-2018_3933-1
SUSE-SU-2018_3933-2
SUSE-SU-2018_4064-1
SUSE-SU-2018_4064-2
SUSE-SU-2019:0049-1
SUSE-SU-2019:0049-2
SUSE-SU-2019:0057-1
SUSE-SU-2019:0057-2
SUSE-SU-2019:0058-1
SUSE-SU-2019:1398-1
SUSE-SU-2019:1398-2
SUSE-SU-2019_0057-1
SUSE-SU-2019_0057-2
SUSE-SU-2019_0058-1
SUSE-SU-2019_1398-1
SUSE-SU-2019_1398-2
USN-3712-1

Affected Products

Alt Linux
Ibm Aix
Java Platform
Oracle Java Se
Red Hat
Suse
Ubuntu
Libpng