CVE-2014-9495 (retired)

Priority
Description
Heap-based buffer overflow in the png_combine_row function in libpng before
1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow
context-dependent attackers to execute arbitrary code via a "very wide
interlaced" PNG image.
Notes
 mdeslaur> only 1.5.x and 1.6.x
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
More Information

Updated: 2019-03-26 12:13:52 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)