exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2015-8126

Status Candidate

Overview

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

Related Files

Gentoo Linux Security Advisory 201611-08
Posted Nov 15, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-8 - Multiple vulnerabilities have been found in libpng, the worst of which may allow remote attackers to cause Denial of Service. Versions less than 1.6.21 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8540
SHA-256 | af56e343ff091a131c14cea1b83ea801e986ee721dab18820a2a08392abce80f
Red Hat Security Advisory 2016-1430-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1430-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376
SHA-256 | 2e0dead1b133f8a72d51a82a75b7622573a3e29ce6a7ae5ab0f9a63e34cd23a3
Apple Security Advisory 2016-03-21-5
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-5 - OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, osx
advisories | CVE-2014-9495, CVE-2015-0973, CVE-2015-1819, CVE-2015-3195, CVE-2015-5312, CVE-2015-5333, CVE-2015-5334, CVE-2015-7499, CVE-2015-7500, CVE-2015-7551, CVE-2015-7942, CVE-2015-8035, CVE-2015-8126, CVE-2015-8242, CVE-2015-8472, CVE-2015-8659, CVE-2016-0777, CVE-2016-0778, CVE-2016-0801, CVE-2016-0802, CVE-2016-1732, CVE-2016-1733, CVE-2016-1734, CVE-2016-1735, CVE-2016-1736, CVE-2016-1737, CVE-2016-1738, CVE-2016-1740
SHA-256 | 70ee7534060a15cce4887519635499ad26a30d4596bdf4d28ce6ea94b25fefad
Debian Security Advisory 3507-1
Posted Mar 7, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3507-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2015-8126, CVE-2016-1630, CVE-2016-1631, CVE-2016-1632, CVE-2016-1633, CVE-2016-1634, CVE-2016-1635, CVE-2016-1636, CVE-2016-1637, CVE-2016-1638, CVE-2016-1639, CVE-2016-1640, CVE-2016-1641, CVE-2016-1642
SHA-256 | d43c9bf4f0b9ec302e70ab07d62a1c9aca98d089c0dffc06400b3bafb689ed34
Red Hat Security Advisory 2016-0101-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0101-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
SHA-256 | 63895a835faf073a57a9ba6a57a62ba8a4634bf64fa823b2a6994b09cf68ffd2
Red Hat Security Advisory 2016-0099-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0099-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
SHA-256 | 6ebaf7d75c3ae9993db5836bd9a36e387e94f436d98dd756ca7eb580920bbefc
Red Hat Security Advisory 2016-0098-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0098-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494
SHA-256 | bec252009b00ff84b6be0894538e01d03f865c5c5c0b9f60b8494ad259de8c85
Red Hat Security Advisory 2016-0100-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0100-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
SHA-256 | 136f4ec16f28d13aae6f2aa70faa38065d737b72856de9a91806e921af4a23bf
Red Hat Security Advisory 2016-0056-01
Posted Jan 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0056-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
SHA-256 | 63ba3e35e78846c54fbf5b6d993d7ce4b576d0f774abf220f2138ecdd96aca87
Red Hat Security Advisory 2016-0055-01
Posted Jan 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0055-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494
SHA-256 | b40448498e10595f080684d063b66d9b1e04c6fba568af426eba2d3e33aaefa4
Red Hat Security Advisory 2016-0057-01
Posted Jan 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0057-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
SHA-256 | e11cf361ce84a75486b6566fd82f9240bd8c241d9863dfa68221e3b538e0039c
Red Hat Security Advisory 2015-2594-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2594-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8472
SHA-256 | 0a20de8b0299da5566af857a071951410140d34f6aaeb77c80535ea079bde800
Red Hat Security Advisory 2015-2596-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2596-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-8126, CVE-2015-8472
SHA-256 | 0031e7373b39060ea4661594cb1b8dba07adeabfd1c2fccfe7cc824bec5ca1e8
Red Hat Security Advisory 2015-2595-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2595-01 - The libpng12 packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8472
SHA-256 | 96360e20947b955a82739150db40d5e1ae265d730fee1f96f667bd15e504c4b3
Slackware Security Advisory - libpng Updates
Posted Dec 3, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7981
SHA-256 | b00153fe943a9ec2ec32ab0fb50b52c57aae3585e8201e2d9960cfe0a2ae70db
Ubuntu Security Notice USN-2815-1
Posted Nov 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2815-1 - Mikulas Patocka discovered that libpng incorrectly handled certain large fields. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. This issue only affected Ubuntu 12.04 LTS. Qixue Xiao discovered that libpng incorrectly handled certain time values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-3425, CVE-2015-7981, CVE-2015-8126
SHA-256 | 3f66141721123e6e77158af7cb6d3179568157de879748ae7ba8e9b651149f13
Debian Security Advisory 3399-1
Posted Nov 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3399-1 - Several vulnerabilities have been discovered in the libpng PNG library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-7981, CVE-2015-8126
SHA-256 | fc770fc5d8fb31cbec5d8f894af8183e571f9cdcc0236dffad328691216700da
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close