CVE-2015-8472

Published: 21/01/2016 Updated: 04/11/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 7.3 | Impact Score: 3.4 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Buffer overflow in the png_set_PLTE function in libpng prior to 1.0.65, 1.1.x and 1.2.x prior to 1.2.55, 1.3.x, 1.4.x prior to 1.4.18, 1.5.x prior to 1.5.25, and 1.6.x prior to 1.6.20 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.

Vulnerable Product

apple mac os x

libpng libpng 1.6.18

libpng libpng 1.6.17

libpng libpng 1.6.10

libpng libpng 1.6.9

libpng libpng 1.6.2

libpng libpng 1.6.1

libpng libpng 1.5.17

libpng libpng 1.5.16

libpng libpng 1.5.9

libpng libpng 1.5.8

libpng libpng 1.5.23

libpng libpng 1.5.1

libpng libpng 1.4.17

libpng libpng 1.4.10

libpng libpng 1.4.9

libpng libpng 1.4.2

libpng libpng 1.4.1

libpng libpng 1.2.49

libpng libpng 1.2.48

libpng libpng 1.2.47

libpng libpng 1.2.40

libpng libpng 1.2.4

libpng libpng 1.2.33

libpng libpng 1.6.14

libpng libpng 1.6.13

libpng libpng 1.6.6

libpng libpng 1.6.5

libpng libpng 1.5.21

libpng libpng 1.5.20

libpng libpng 1.5.13

libpng libpng 1.5.12

libpng libpng 1.5.5

libpng libpng 1.5.4

libpng libpng 1.4.14

libpng libpng 1.4.13

libpng libpng 1.4.6

libpng libpng 1.6.19

libpng libpng 1.6.12

libpng libpng 1.6.11

libpng libpng 1.6.4

libpng libpng 1.6.3

libpng libpng 1.5.19

libpng libpng 1.5.18

libpng libpng 1.5.11

libpng libpng 1.5.10

libpng libpng 1.5.3

libpng libpng 1.5.2

libpng libpng 1.4.12

libpng libpng 1.4.11

libpng libpng 1.4.4

libpng libpng 1.4.3

libpng libpng 1.2.51

libpng libpng 1.2.50

libpng libpng 1.2.42

libpng libpng 1.2.41

libpng libpng 1.2.35

libpng libpng 1.2.34

libpng libpng 1.2.28

libpng libpng 1.2.27

libpng libpng 1.2.26

libpng libpng 1.2.2

libpng libpng 1.2.19

libpng libpng 1.2.12

libpng libpng 1.2.11

libpng libpng 1.2.32

libpng libpng 1.2.25

libpng libpng 1.2.24

libpng libpng 1.2.18

libpng libpng 1.2.17

libpng libpng 1.2.10

libpng libpng 1.2.1

libpng libpng 1.4.5

libpng libpng 1.2.53

libpng libpng 1.2.52

libpng libpng 1.2.44

libpng libpng 1.2.43

libpng libpng 1.2.37

libpng libpng 1.2.36

libpng libpng 1.2.3

libpng libpng 1.2.29

libpng libpng 1.2.21

libpng libpng 1.2.20

libpng libpng 1.2.14

libpng libpng 1.2.13

libpng libpng 1.6.16

libpng libpng 1.6.15

libpng libpng 1.6.8

libpng libpng 1.6.7

libpng libpng 1.6.0

libpng libpng 1.5.24

libpng libpng 1.5.22

libpng libpng 1.5.15

libpng libpng 1.5.14

libpng libpng 1.5.7

libpng libpng 1.5.6

libpng libpng 1.4.16

libpng libpng 1.4.15

libpng libpng 1.4.8

libpng libpng 1.4.7

libpng libpng 1.4.0

libpng libpng 1.2.54

libpng libpng 1.2.46

libpng libpng 1.2.45

libpng libpng 1.2.39

libpng libpng 1.2.38

libpng libpng 1.2.31

libpng libpng 1.2.30

libpng libpng 1.2.23

libpng libpng 1.2.22

libpng libpng 1.2.16

libpng libpng 1.2.15

libpng libpng 1.2.0

libpng libpng 1.0.64

Vendor Advisories

libpng could be made to crash or run programs as your login if it opened a specially crafted file ...
Debian Bug report logs - #807112 libpng: Incomplete fix for CVE-2015-8126. Package: src:libpng; Maintainer for src:libpng is Anibal Monsalve Salazar <anibal@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 5 Dec 2015 13:27:02 UTC; Severity: serious; Tags: fixed-upstream, security, upstream ...
Debian Bug report logs - #807694 libpng: CVE-2015-8540: read underflow in libpng. Package: src:libpng; Maintainer for src:libpng is Anibal Monsalve Salazar <anibal@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Fri, 11 Dec 2015 16:48:01 UTC; Severity: serious; Tags: fixed-upstream, jessie, patc ...
Synopsis: Moderate: libpng12 security update. Type/Severity: Security Advisory: Moderate. Topic: Updated libpng12 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring ...
Synopsis: Moderate: libpng security update. Type/Severity: Security Advisory: Moderate. Topic: Updated libpng packages that fix three security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring Syst ...
Synopsis: Moderate: libpng security update. Type/Severity: Security Advisory: Moderate. Topic: Updated libpng packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring Syste ...
Several vulnerabilities have been discovered in the libpng PNG library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8472: It was discovered that the original fix for CVE-2015-8126 was incomplete and did not detect a potential overrun by applications using png_set_PLTE directly. A remo ...
It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker coul ...

References

CWE-119
http://sourceforge.net/projects/libpng/files/libpng16/1.6.20/
http://www.openwall.com/lists/oss-security/2015/12/03/6
http://sourceforge.net/projects/libpng/files/libpng12/1.2.55/
http://sourceforge.net/projects/libpng/files/libpng10/1.0.65/
http://sourceforge.net/projects/libpng/files/libpng14/1.4.18/
http://www.securityfocus.com/bid/78624
http://sourceforge.net/projects/libpng/files/libpng15/1.5.25/
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
https://support.apple.com/HT206167
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html
http://rhn.redhat.com/errata/RHSA-2015-2596.html
http://rhn.redhat.com/errata/RHSA-2015-2595.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html
http://rhn.redhat.com/errata/RHSA-2015-2594.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://access.redhat.com/errata/RHSA-2016:1430
https://kc.mcafee.com/corporate/index?page=content&id=SB10148
http://rhn.redhat.com/errata/RHSA-2016-0057.html
http://rhn.redhat.com/errata/RHSA-2016-0056.html
http://rhn.redhat.com/errata/RHSA-2016-0055.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
http://www.debian.org/security/2016/dsa-3443
https://usn.ubuntu.com/2861-1/
https://nvd.nist.gov