Showing 1 - 3 of 3

CVE-2014-9495

Status Candidate

Overview

Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.

Related Files

Apple Security Advisory 2016-03-21-5: Posted Mar 22, 2016; Authored by Apple | Site apple.com; Apple Security Advisory 2016-03-21-5 - OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and various other vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple, osx; advisories | CVE-2014-9495, CVE-2015-0973, CVE-2015-1819, CVE-2015-3195, CVE-2015-5312, CVE-2015-5333, CVE-2015-5334, CVE-2015-7499, CVE-2015-7500, CVE-2015-7551, CVE-2015-7942, CVE-2015-8035, CVE-2015-8126, CVE-2015-8242, CVE-2015-8472, CVE-2015-8659, CVE-2016-0777, CVE-2016-0778, CVE-2016-0801, CVE-2016-0802, CVE-2016-1732, CVE-2016-1733, CVE-2016-1734, CVE-2016-1735, CVE-2016-1736, CVE-2016-1737, CVE-2016-1738, CVE-2016-1740; SHA-256 | 70ee7534060a15cce4887519635499ad26a30d4596bdf4d28ce6ea94b25fefad; Download | Favorite | View

Mandriva Linux Security Advisory 2015-090: Posted Mar 30, 2015; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2015-090 - The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service via an IDAT chunk with a length of zero. libpng versions 1.6.9 through 1.6.15 have an integer-overflow vulnerability in png_combine_row() when decoding very wide interlaced images, which can allow an attacker to overwrite an arbitrary amount of memory with arbitrary data.; tags | advisory, remote, denial of service, overflow, arbitrary; systems | linux, mandriva; advisories | CVE-2014-0333, CVE-2014-9495; SHA-256 | 721892150da01f6313a1b99a68e76de5d0f151f714d22a4bb6438918cbb8aa9b; Download | Favorite | View

Gentoo Linux Security Advisory 201502-10: Posted Feb 16, 2015; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201502-10 - Two vulnerabilities have been found in libpng, possibly resulting in execution of arbitrary code. Versions less than 1.6.16 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2014-9495; SHA-256 | 67d11ac2a7cb95e97d8640dff6a24b5b8ed323460de161e636a523867f73d0ca; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 318 files
Ubuntu 67 files
Debian 25 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 8 files
Milad Karimi 6 files
Google Security Research 5 files
liquidsky 3 files
Erdemstar 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,025)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,485)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,706)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,480)
UNIX (9,394)
UnixWare (187)
Windows (6,653)
Other

CVE-2014-9495

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems