Lucene search
GoogleOSV:DLA-375-1HistoryDec 27, 2015 - 12:00 a.m.
libpng - security update
2015-12-2700:00:00
Google
osv.dev
13
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
- CVE-2015-8472
update incomplete patch for CVE-2015-8126 - CVE-2015-8540
underflow read in png_check_keyword in pngwutil.c - CVE-2012-3425
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x
before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and
1.5.x before 1.5.10 allows remote attackers to cause a denial
of service (out-of-bounds read) via a large avail_in field value
in a PNG image.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libpng | eq | 1.2.44-1+squeeze2 | |
| libpng | eq | 1.2.44-1+squeeze3 | |
| libpng | eq | 1.2.44-1 | |
| libpng | eq | 1.2.44-1+squeeze1 | |
| libpng | eq | 1.2.44-1+squeeze4 | |
| libpng | eq | 1.2.44-1+squeeze5 |
References
Related
openvas
openvas
Debian: Security Advisory (DLA-375-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3443-1 (libpng - security update)
2016-01-13 00:00:00
Debian: Security Advisory (DSA-3443-1)
2016-01-12 00:00:00
debian
debian
[SECURITY] [DLA 375-1] libpng security update
2015-12-27 21:02:26
[SECURITY] [DSA 3443-1] libpng security update
2016-01-13 21:31:22
[SECURITY] [DSA 3443-1] libpng security update
2016-01-13 21:31:22
nessus
nessus
Debian DLA-375-1 : libpng Security Update
2016-08-02 00:00:00
Debian DSA-3443-1 : libpng - security update
2016-01-14 00:00:00
Fedora 22 : libpng12-1.2.56-1.fc22 (2015-ac8100927a)
2016-03-04 00:00:00
osv
osv
libpng - security update
2016-01-13 00:00:00
libpng - security update
2015-11-17 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in libpng affect IBM Cognos Metrics Manager (CVE-2015-8126, CVE-2015-8472, CVE-2015-8540)
2018-06-15 23:15:10
fedora
fedora
[SECURITY] Fedora 22 Update: libpng12-1.2.56-1.fc22
2016-01-02 23:21:26
[SECURITY] Fedora 23 Update: libpng12-1.2.56-1.fc23
2016-01-02 22:24:31
[SECURITY] Fedora 23 Update: libpng15-1.5.25-1.fc23
2016-01-04 18:55:22
cloudfoundry
cloudfoundry
USN-2861-1 libpng vulnerability | Cloud Foundry
2016-01-19 00:00:00
ubuntu
ubuntu
libpng vulnerabilities
2016-01-06 00:00:00
libpng vulnerabilities
2015-11-19 00:00:00
redhat
redhat
(RHSA-2015:2596) Moderate: libpng security update
2015-12-09 13:26:42
(RHSA-2015:2595) Moderate: libpng12 security update
2015-12-09 13:25:59
(RHSA-2015:2594) Moderate: libpng security update
2015-12-09 00:00:00
f5
f5
SOL81903701 - Libpng vulnerability CVE-2015-8472
2016-03-07 00:00:00
K81903701 : Libpng vulnerability CVE-2015-8472
2016-03-07 00:00:00
K76930736 : Libpng vulnerability CVE-2015-8126
2015-12-19 00:00:00
slackware
slackware
[slackware-security] libpng
2015-12-16 06:25:09
[slackware-security] libpng
2015-12-18 06:17:35
centos
centos
libpng security update
2015-12-09 19:21:36
libpng12 security update
2015-12-09 19:21:50
libpng security update
2015-12-09 14:47:29
ubuntucve
ubuntucve
prion
prion
Buffer overflow
2016-01-21 15:59:00
Out-of-bounds
2012-08-13 20:55:00
Integer overflow
2016-04-14 14:59:00
mageia
mageia
Updated libpng packages fix security vulnerabilities
2015-12-17 00:01:04
Updated libpng12 packages fix security vulnerability
2015-12-28 22:23:26
Updated libpng/libpng12 packages fix security vulnerability
2015-11-20 01:08:19
cve
cve
oraclelinux
oraclelinux
libpng security update
2015-12-09 00:00:00
libpng12 security update
2015-12-09 00:00:00
libpng security update
2015-12-09 00:00:00
veracode
veracode
Denial-of-Service (DoS) Via Embedded Dependency
2017-02-27 07:42:41
Buffer Overflow
2017-02-06 08:35:04
Buffer Overflow
2017-02-08 02:19:46
debiancve
debiancve
CVE-2015-8472
2016-01-21 15:59:00
CVE-2015-8126
2015-11-13 03:59:00
freebsd
freebsd
libpng buffer overflow in png_set_PLTE
2015-11-15 00:00:00
archlinux
archlinux
libpng: buffer overflow
2015-12-28 00:00:00
gentoo
gentoo
libpng: Multiple vulnerabilities
2016-11-15 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1884
2021-07-02 17:16:15
amazon
amazon
Important: libpng
2023-01-18 00:16:00
Medium: libpng
2015-11-23 13:43:00
suse
suse
Security update for libpng16 (important)
2015-11-25 21:14:06
Security update for java-1_7_1-ibm (important)
2016-02-10 13:12:57
Security update for java-1_7_1-ibm (important)
2016-02-10 13:11:57
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related for OSV:DLA-375-1