Severity: 2.6 LOW

CVE-2019-7317

Published: 04/02/2019 Updated: 04/02/2019
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

Vulnerability Summary

libpng png_image_free function Use-After-Free Denial of Service Vulnerability

png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute.

A vulnerability in the png_image_free function of libpng could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to a use-after-free memory error in the png_image_free function, defined in the png.c source file of the affected software, which occurs because png_image_free_function is invoked under png_safe_execute. An attacker could exploit this vulnerability by sending crafted data to the affected system that causes the library to reach this png_safe_execute call. A successful exploit could trigger the use-after-free memory error, resulting in a DoS condition. Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available. The PNG Development Group has confirmed the vulnerability; however, software updates are not available.

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P
Access Complexity: HIGH
Authentication: NONE
Access Vector: NETWORK
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Affected Products

Vendor    Product    Versions
Libpng    Libpng     1.6.36

Vendor Advisories

png_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute ...
