CVE-2015-0973
18.01.2015, 18:59
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.Enginsight
Vendor | Product | Version |
---|---|---|
oracle | solaris | 11.2 |
libpng | libpng | 𝑥 ≤ 1.5.20 |
libpng | libpng | 1.6.0 |
libpng | libpng | 1.6.0:beta |
libpng | libpng | 1.6.1 |
libpng | libpng | 1.6.1:beta |
libpng | libpng | 1.6.2 |
libpng | libpng | 1.6.2:beta |
libpng | libpng | 1.6.3 |
libpng | libpng | 1.6.3:beta |
libpng | libpng | 1.6.4 |
libpng | libpng | 1.6.4:beta |
libpng | libpng | 1.6.5 |
libpng | libpng | 1.6.6 |
libpng | libpng | 1.6.7 |
libpng | libpng | 1.6.7:beta |
libpng | libpng | 1.6.8 |
libpng | libpng | 1.6.8:beta |
libpng | libpng | 1.6.9 |
libpng | libpng | 1.6.9:beta |
libpng | libpng | 1.6.10 |
libpng | libpng | 1.6.10:beta |
libpng | libpng | 1.6.11 |
libpng | libpng | 1.6.11:beta |
libpng | libpng | 1.6.12:beta |
libpng | libpng | 1.6.13 |
libpng | libpng | 1.6.13:beta |
libpng | libpng | 1.6.14 |
libpng | libpng | 1.6.14:beta |
libpng | libpng | 1.6.15 |
libpng | libpng | 1.6.15:beta |
apple | mac_os_x | 𝑥 ≤ 10.11.3 |
𝑥
= Vulnerable software versions

Debian Releases
Debian Product | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
libpng1.6 |
| ||||||||||||||
texlive-bin |
|

Ubuntu Releases
Common Weakness Enumeration
References