11 matches found
Azure Linux 3.0 Security Update: fltk / teckit (CVE-2015-2158)
The version of fltk / teckit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2015-2158 advisory. - Off-by-one error in the pngcrushmeasureidat function in pngcrush.c in pngcrush before 1.7.84 allows...
CVE-2015-2158 affecting package fltk for versions less than 1.3.8-1
CVE-2015-2158 affecting package fltk for versions less than 1.3.8-1. An upgraded version of the package is available that resolves this issue...
CVE-2015-2158 affecting package teckit for versions less than 2.5.12-4
CVE-2015-2158 affecting package teckit for versions less than 2.5.12-4. An upgraded version of the package is available that resolves this issue...
Mageia: Security Advisory (MGASA-2015-0101)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-2158
Off-by-one error in the pngcrushmeasureidat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file...
AZL-44265 CVE-2015-2158 affecting package fltk for versions less than 1.3.8-1
Off-by-one error in the pngcrushmeasureidat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file...
CVE-2015-2158
Off-by-one error in the pngcrushmeasureidat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file...
CVE-2015-2158
The CVE-2015-2158 entry describes an off-by-one bug in pngcrush_measure_idat() in pngcrush.c, affecting pngcrush before 1.7.84. A crafted PNG file can trigger a denial of service (crash) and may allow arbitrary code execution. Publicly documented details confirm the vulnerable component and the r...
Internet Bug Bounty: pngcrush_measure_idat() off-by-one error (CVE-2015-2158)
This is an off-by-one error in the "pngcrushmeasureidat" function in pngcrush.c, introduced by commit http://sourceforge.net/p/pmt/code/ci/e1a36a9639e2db16494d90459c7c2b78677a20bf/ in version 1.7.83. The code in pngcrush.c line 7405: if length = length; ib-- buffib = 0; If length is 0, the last...
MGASA-2015-0101 Updated pngcrush package fixes security vulnerability
pngcrush-1.7.84 fixes defects reported by Coverity-scan, so it should be more resistant to crashes due to malformed input files, such as the one presented in CVE-2015-2158...
Updated pngcrush package fixes security vulnerability
pngcrush-1.7.84 fixes defects reported by Coverity-scan, so it should be more resistant to crashes due to malformed input files, such as the one presented in CVE-2015-2158...