Exploit the possiblities
Showing 1 - 17 of 17 RSS Feed

CVE-2015-8126

Status Candidate

Overview

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

Related Files

Gentoo Linux Security Advisory 201611-08
Posted Nov 15, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-8 - Multiple vulnerabilities have been found in libpng, the worst of which may allow remote attackers to cause Denial of Service. Versions less than 1.6.21 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8540
MD5 | 338856826bc1860d823880ef2a6c740d
Red Hat Security Advisory 2016-1430-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1430-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376
MD5 | 8af2699b85d3c9ec404c4455e539b6f4
Apple Security Advisory 2016-03-21-5
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-5 - OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, osx
advisories | CVE-2014-9495, CVE-2015-0973, CVE-2015-1819, CVE-2015-3195, CVE-2015-5312, CVE-2015-5333, CVE-2015-5334, CVE-2015-7499, CVE-2015-7500, CVE-2015-7551, CVE-2015-7942, CVE-2015-8035, CVE-2015-8126, CVE-2015-8242, CVE-2015-8472, CVE-2015-8659, CVE-2016-0777, CVE-2016-0778, CVE-2016-0801, CVE-2016-0802, CVE-2016-1732, CVE-2016-1733, CVE-2016-1734, CVE-2016-1735, CVE-2016-1736, CVE-2016-1737, CVE-2016-1738, CVE-2016-1740
MD5 | 627ce9820a6da1e5027ea19b5f314b42
Debian Security Advisory 3507-1
Posted Mar 7, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3507-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2015-8126, CVE-2016-1630, CVE-2016-1631, CVE-2016-1632, CVE-2016-1633, CVE-2016-1634, CVE-2016-1635, CVE-2016-1636, CVE-2016-1637, CVE-2016-1638, CVE-2016-1639, CVE-2016-1640, CVE-2016-1641, CVE-2016-1642
MD5 | aed71b4335e03c94381072424db20f72
Red Hat Security Advisory 2016-0101-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0101-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
MD5 | 9acfd3b5e4941b395c7820f9d0eb4298
Red Hat Security Advisory 2016-0099-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0099-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
MD5 | fefe5243d862c1c80e08e69d52faae0d
Red Hat Security Advisory 2016-0098-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0098-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494
MD5 | 7385531c590ef60d955ed47b906bca69
Red Hat Security Advisory 2016-0100-01
Posted Feb 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0100-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
MD5 | 360858236a9feaee389d66affabe62fb
Red Hat Security Advisory 2016-0056-01
Posted Jan 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0056-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
MD5 | 33bc0eab4652405903e8b99a1ba5e50b
Red Hat Security Advisory 2016-0055-01
Posted Jan 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0055-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494
MD5 | 5ffbade2b9d9655ff8f9c8753b626b18
Red Hat Security Advisory 2016-0057-01
Posted Jan 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0057-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494
MD5 | 301a5980ca11ed74c368370e43947c37
Red Hat Security Advisory 2015-2594-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2594-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8472
MD5 | 5eae6c77d390745cf6a6326945449864
Red Hat Security Advisory 2015-2596-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2596-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-8126, CVE-2015-8472
MD5 | 1719a94709cb8cce70faf6399ffe8fda
Red Hat Security Advisory 2015-2595-01
Posted Dec 10, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2595-01 - The libpng12 packages contain a library of functions for creating and manipulating PNG image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8472
MD5 | 5e87081c29a5a4c567a58e96135e9230
Slackware Security Advisory - libpng Updates
Posted Dec 3, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7981
MD5 | 6b33b74cf7e84be4db2211c0e73b8088
Ubuntu Security Notice USN-2815-1
Posted Nov 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2815-1 - Mikulas Patocka discovered that libpng incorrectly handled certain large fields. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. This issue only affected Ubuntu 12.04 LTS. Qixue Xiao discovered that libpng incorrectly handled certain time values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-3425, CVE-2015-7981, CVE-2015-8126
MD5 | 201bef84a36d4a9c9284745646519594
Debian Security Advisory 3399-1
Posted Nov 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3399-1 - Several vulnerabilities have been discovered in the libpng PNG library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-7981, CVE-2015-8126
MD5 | a1b2d285dddbe99c7b148802d2b4c4ed
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    33 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close