vulnerability
IBM Java: Oracle October 16 2018 CPU (CVE-2018-13785)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | 2018-07-09 | 2018-11-05 | 2018-12-21 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
2018-07-09
Added
2018-11-05
Modified
2018-12-21
Description
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
Solution(s)
ibm-java-upgrade-6_0_16_75ibm-java-upgrade-6_1_8_75ibm-java-upgrade-7_0_10_35ibm-java-upgrade-7_1_4_35ibm-java-upgrade-8_0_5_25
References
- BID-105599
- CVE-2018-13785
- https://attackerkb.com/topics/CVE-2018-13785
- REDHAT-RHSA-2018:3000
- REDHAT-RHSA-2018:3001
- REDHAT-RHSA-2018:3002
- REDHAT-RHSA-2018:3003
- REDHAT-RHSA-2018:3007
- REDHAT-RHSA-2018:3008
- REDHAT-RHSA-2018:3533
- REDHAT-RHSA-2018:3534
- REDHAT-RHSA-2018:3671
- REDHAT-RHSA-2018:3672
- REDHAT-RHSA-2018:3779
- REDHAT-RHSA-2018:3852
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.