What is the severity of CVE-2013-7353?

CVE-2013-7353 has a severity rating that may lead to denial of service attacks due to a segmentation fault and crash.

How do I fix CVE-2013-7353?

To fix CVE-2013-7353, upgrade to libpng version 1.5.14beta08 or later.

What type of vulnerability is CVE-2013-7353?

CVE-2013-7353 is categorized as an integer overflow vulnerability causing a heap-based buffer overflow.

Which versions of libpng are impacted by CVE-2013-7353?

CVE-2013-7353 affects libpng versions up to and including 1.5.13 and certain beta versions.

What kind of attacks can CVE-2013-7353 facilitate?

CVE-2013-7353 can be exploited by attackers to create crafted images that lead to application crashes.

Vulnerability/
CVE-2013-7353

medium

CWE

189 119 190

6/5/2014

12/4/2025

CVE-2013-7353: Buffer Overflow

First published: Tue May 06 2014(Updated: )

Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
libp2p	<=1.5.13
libp2p	=1.5.0-beta
libp2p	=1.5.1
libp2p	=1.5.1-beta
libp2p	=1.5.2
libp2p	=1.5.2-beta
libp2p	=1.5.3-beta
libp2p	=1.5.4
libp2p	=1.5.4-beta
libp2p	=1.5.5
libp2p	=1.5.5-beta
libp2p	=1.5.6
libp2p	=1.5.6-beta
libp2p	=1.5.7
libp2p	=1.5.7-beta
libp2p	=1.5.8
libp2p	=1.5.8-beta
libp2p	=1.5.9
libp2p	=1.5.9-beta
libp2p	=1.5.10-beta
libp2p	=1.5.11
libp2p	=1.5.11-beta
libp2p	=1.5.12
libp2p	=1.5.13-beta
	<=1.5.13
	=1.5.0-beta
	=1.5.1
	=1.5.1-beta
	=1.5.2
	=1.5.2-beta
	=1.5.3-beta
	=1.5.4
	=1.5.4-beta
	=1.5.5
	=1.5.5-beta
	=1.5.6
	=1.5.6-beta
	=1.5.7
	=1.5.7-beta
	=1.5.8
	=1.5.8-beta
	=1.5.9
	=1.5.9-beta
	=1.5.10-beta
	=1.5.11
	=1.5.11-beta
	=1.5.12
	=1.5.13-beta

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-7353?
CVE-2013-7353 has a severity rating that may lead to denial of service attacks due to a segmentation fault and crash.
How do I fix CVE-2013-7353?
To fix CVE-2013-7353, upgrade to libpng version 1.5.14beta08 or later.
What type of vulnerability is CVE-2013-7353?
CVE-2013-7353 is categorized as an integer overflow vulnerability causing a heap-based buffer overflow.
Which versions of libpng are impacted by CVE-2013-7353?
CVE-2013-7353 affects libpng versions up to and including 1.5.13 and certain beta versions.
What kind of attacks can CVE-2013-7353 facilitate?
CVE-2013-7353 can be exploited by attackers to create crafted images that lead to application crashes.

agent/references
agent/first-publish-date
agent/type
agent/severity
agent/weakness
agent/author
agent/description
collector/nvd-index
agent/software-canonical-lookup-request
agent/last-modified-date
agent/source
agent/softwarecombine
agent/event
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/libpng
canonical/libp2p
version/libp2p/1.5.13
version/libp2p/1.5.0-beta
version/libp2p/1.5.1
version/libp2p/1.5.1-beta
version/libp2p/1.5.2
version/libp2p/1.5.2-beta
version/libp2p/1.5.3-beta
version/libp2p/1.5.4
version/libp2p/1.5.4-beta
version/libp2p/1.5.5
version/libp2p/1.5.5-beta
version/libp2p/1.5.6
version/libp2p/1.5.6-beta
version/libp2p/1.5.7
version/libp2p/1.5.7-beta
version/libp2p/1.5.8
version/libp2p/1.5.8-beta
version/libp2p/1.5.9
version/libp2p/1.5.9-beta
version/libp2p/1.5.10-beta
version/libp2p/1.5.11
version/libp2p/1.5.11-beta
version/libp2p/1.5.12
version/libp2p/1.5.13-beta