CVE-2015-0973
Published: 18 January 2015
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
Notes
Author | Note |
---|---|
mdeslaur | only affects libpng 1.5 and 1.6 texlive-bin has libpng 1.2 or uses system libpng |
Priority
Status
Package | Release | Status |
---|---|---|
libpng Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
|
precise |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
upstream |
Released
(1.5.21, 1.6.16)
|
|
utopic |
Not vulnerable
|
|
texlive-bin Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Not vulnerable
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
upstream |
Released
(2014.20140926.35254-6)
|
|
utopic |
Not vulnerable
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973
- http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
- http://mid.gmane.org/Pine.LNX.4.64.1501101510150.31425@beijing.mitre.org
- http://www.openwall.com/lists/oss-security/2015/01/10/3
- http://www.openwall.com/lists/oss-security/2015/01/10/1
- http://sourceforge.net/p/png-mng/mailman/message/33173461/
- NVD
- Launchpad
- Debian