Back to search
CVE-2015-7981
Published: Nov 24, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
77304
vdb-entry
x_refsource_BID
[oss-security] 20151026 CVE Requests for read out of bound in libpng
mailing-list
x_refsource_MLIST
openSUSE-SU-2015:2136
vendor-advisory
x_refsource_SUSE
http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/
x_refsource_CONFIRM
FEDORA-2015-ec2ddd15d7
vendor-advisory
x_refsource_FEDORA
GLSA-201611-08
vendor-advisory
x_refsource_GENTOO
[oss-security] 20151026 Re: CVE Requests for read out of bound in libpng
mailing-list
x_refsource_MLIST
FEDORA-2015-501493d853
vendor-advisory
x_refsource_FEDORA
http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/
x_refsource_CONFIRM
RHSA-2016:1430
vendor-advisory
x_refsource_REDHAT
FEDORA-2015-1d87313b7c
vendor-advisory
x_refsource_FEDORA
DSA-3399
vendor-advisory
x_refsource_DEBIAN
RHSA-2015:2595
vendor-advisory
x_refsource_REDHAT
http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/
x_refsource_CONFIRM
1034393
vdb-entry
x_refsource_SECTRACK
http://sourceforge.net/p/libpng/bugs/241/
x_refsource_CONFIRM
openSUSE-SU-2015:2099
vendor-advisory
x_refsource_SUSE
USN-2815-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2015:2594
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now