Lucene search
K

10 matches found

F5 Networks
F5 Networks
added 2024/10/07 4:43 p.m.24 views

K000141359: libpng vulnerability CVE-2015-8540

Security Advisory Description Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space...

9.3CVSS8.5AI score0.06431EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.18 views

RHEL 6 : libpng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libpng: underflow read in pngcheckkeyword CVE-2015-8540 - The pngsettext2 function in libpng 0.71 before...

8.8CVSS8.7AI score0.06431EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.57 views

Amazon Linux 2 : libpng (ALAS-2023-1904)

The version of libpng installed on the remote host is prior to 1.5.13-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1904 advisory. Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x...

9.3CVSS7.9AI score0.06431EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.5 views

The vulnerability of the libpng library, which allows an attacker to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the pngcheckkeyword function in the libpng library arises from the loss of a decimal place value. Exploiting this vulnerability could allow an attacker to compromise the integrity, accessibility, and confidentiality of information by using a space character in the PNG image’s...

9.3CVSS7.3AI score0.06431EPSS
Exploits0References14Affected Software2
NVD
NVD
added 2016/04/14 2:59 p.m.19 views

CVE-2015-8540

Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG...

9.3CVSS7.1AI score0.06431EPSS
Exploits0References19
Prion
Prion
added 2016/04/14 2:59 p.m.27 views

Integer overflow

Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG...

9.3CVSS7.2AI score0.06431EPSS
Exploits0References19Affected Software7
CVE
CVE
added 2016/04/14 2:0 p.m.198 views

CVE-2015-8540

CVE-2015-8540: libpng contains an integer underflow in png_check_keyword (pngwutil.c) that allows remote attackers to trigger an out-of-bounds read via a space character used as a PNG keyword. Affected families include libpng 0.90–0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x an...

9.3CVSS9.1AI score0.06431EPSS
Exploits0References19Affected Software4
OSV
OSV
added 2015/12/11 12:0 a.m.6 views

UBUNTU-CVE-2015-8540

Integer underflow in the pngcheckkeyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG...

8.8CVSS7.2AI score0.06431EPSS
Exploits0References4
Prion
Prion
added 2009/01/15 5:30 p.m.25 views

Double free

The pngcheckkeyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0'...

5CVSS6.4AI score0.02558EPSS
Exploits0References10Affected Software2
NVD
NVD
added 2009/01/15 5:30 p.m.23 views

CVE-2008-5907

The pngcheckkeyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0'...

5CVSS6.2AI score0.02558EPSS
Exploits0References10
Rows per page
Query Builder