The vulnerability of the libpng library, which allows a hacker to cause a service failure or exert other effects

🗓️ 19 Jul 2016 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

The libpng png_set_PLTE vulnerability causes a buffer overflow that enables remote attackers to disrupt services with a crafted PNG header.

Reporter	Title	Published	Views	Family All 258
IBM Security Bulletins	Security Bulletin:Multiple Security Vulnerabilities exist in IBM Cognos Insight	24 Feb 202007:27	–	ibm
IBM Security Bulletins	Title Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Identity Governance and Intelligence 5.2	16 Jun 201821:39	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Netezza Analytics for NPS	31 May 202203:16	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time	15 Jun 201807:04	–	ibm
IBM Security Bulletins	Security Bulletin: CICS Transaction Gateway for Multiplatforms	15 Jun 201807:05	–	ibm
IBM Security Bulletins	Security Bulletin: Gdal vulnerabilities affect IBM Netezza Analytics for NPS	3 Jun 202214:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java JRE, 8.0-1.1 affect IBM Netezza Platform Software clients.	7 Dec 202008:05	–	ibm
IBM Security Bulletins	Security Bulletin: January 2016 Java Platform Standard Edition Vulnerabilities in Multiple N Series Products	18 Jun 201800:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Forms Viewer may be affected by a known issue with libpng library (CVE-2015-8126, CVE-2015-8472)	16 Jun 201819:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Manager IP Edition	17 Jun 201815:22	–	ibm

Vulners

Node

guy_eric_schalnat_andreas_dilger_glenn_randers-pehrson libpngRange<1.0.65

OR

guy_eric_schalnat_andreas_dilger_glenn_randers-pehrson libpngRange1.1.0–1.2.55

OR

guy_eric_schalnat_andreas_dilger_glenn_randers-pehrson libpngRange1.3.0–1.4.18

OR

guy_eric_schalnat_andreas_dilger_glenn_randers-pehrson libpngRange1.5.0–1.5.25

OR

guy_eric_schalnat_andreas_dilger_glenn_randers-pehrson libpngRange1.6.0–1.6.20

OR

apple os_xRange≤10.11.3

Source	Link
support	www.support.apple.com/HT206167
securityfocus	www.securityfocus.com/bid/78624
oracle	www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
openwall	www.openwall.com/lists/oss-security/2015/12/03/6
sourceforge	www.sourceforge.net/projects/libpng/files/libpng16/1.6.20/
sourceforge	www.sourceforge.net/projects/libpng/files/libpng15/1.5.25/
sourceforge	www.sourceforge.net/projects/libpng/files/libpng14/1.4.18/
sourceforge	www.sourceforge.net/projects/libpng/files/libpng12/1.2.55/
sourceforge	www.sourceforge.net/projects/libpng/files/libpng10/1.0.65/
rhn	www.rhn.redhat.com/errata/RHSA-2015-2596.html

23 Mar 2021 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 27.5

EPSS0.04094

portable network graphics palette data buffer overflow remote attacker service disruption crafted header vulnerability