CVE-2015-8126

HIGH

Description

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

References

http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html

http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html

http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html

http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html

http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html

http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html

http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html

http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html

http://rhn.redhat.com/errata/RHSA-2015-2594.html

http://rhn.redhat.com/errata/RHSA-2015-2595.html

http://rhn.redhat.com/errata/RHSA-2015-2596.html

http://rhn.redhat.com/errata/RHSA-2016-0055.html

http://rhn.redhat.com/errata/RHSA-2016-0056.html

http://rhn.redhat.com/errata/RHSA-2016-0057.html

http://www.debian.org/security/2015/dsa-3399

http://www.debian.org/security/2016/dsa-3507

http://www.openwall.com/lists/oss-security/2015/11/12/2

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.securityfocus.com/bid/77568

http://www.securitytracker.com/id/1034142

http://www.ubuntu.com/usn/USN-2815-1

https://access.redhat.com/errata/RHSA-2016:1430

https://code.google.com/p/chromium/issues/detail?id=560291

https://kc.mcafee.com/corporate/index?page=content&id=SB10148

https://security.gentoo.org/glsa/201603-09

https://security.gentoo.org/glsa/201611-08

https://support.apple.com/HT206167

Details

Source: MITRE

Published: 2015-11-13

Updated: 2020-08-31

Type: CWE-120

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*

OR

cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Configuration 7

OR

cpe:2.3:a:oracle:jdk:1.6.0:update_105:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update_91:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update65:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_105:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_91:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_65:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_66:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 8

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 9

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Tenable Plugins

View all (97 total)

IDNameProductFamilySeverity
124894EulerOS Virtualization for ARM 64 3.0.1.0 : libpng12 (EulerOS-SA-2019-1391)NessusHuawei Local Security Checks
high
700654Oracle Java SE 6 < Update 111 / 7 < Update 95 / 8 < Update 71 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)Nessus Network MonitorWeb Clients
critical
119974SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0428-1) (SLOTH)NessusSuSE Local Security Checks
critical
94892GLSA-201611-08 : libpng: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
92400RHEL 5 / 6 : java-1.7.0-ibm and java-1.7.1-ibm (RHSA-2016:1430) (SLOTH)NessusRed Hat Local Security Checks
critical
91772openSUSE Security Update : vlc (openSUSE-2016-754)NessusSuSE Local Security Checks
high
91436F5 Networks BIG-IP : Libpng vulnerability (SOL76930736)NessusF5 Networks Local Security Checks
high
9327Mac OS X 10.11.x < 10.11.4 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
91331F5 Networks BIG-IP : Libpng vulnerability (K81903701)NessusF5 Networks Local Security Checks
high
9267VLC Media Player < 2.2.2 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
90107openSUSE Security Update : Chromium (openSUSE-2016-664)NessusSuSE Local Security Checks
critical
90097Mac OS X 10.9.5 / 10.10.5 Multiple Vulnerabilities (Security Update 2016-002)NessusMacOS X Local Security Checks
critical
90096Mac OS X 10.11.x < 10.11.4 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
89989SUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0776-1) (SLOTH)NessusSuSE Local Security Checks
critical
89961SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0770-1) (SLOTH)NessusSuSE Local Security Checks
critical
89912openSUSE Security Update : Chromium (openSUSE-2016-330)NessusSuSE Local Security Checks
critical
89902GLSA-201603-09 : Chromium: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
89813openSUSE Security Update : Chromium (openSUSE-2016-316)NessusSuSE Local Security Checks
critical
89775SUSE SLES12 Security Update : Chromium (SUSE-SU-2016:0665-1)NessusSuSE Local Security Checks
critical
89721openSUSE Security Update : 4789 (4789-1) (deprecated)NessusSuSE Local Security Checks
critical
89697Debian DSA-3507-1 : chromium-browser - security updateNessusDebian Local Security Checks
critical
89686Google Chrome < 49.0.2623.75 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
89685Google Chrome < 49.0.2623.75 Multiple VulnerabilitiesNessusWindows
critical
89657SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0636-1) (SLOTH)NessusSuSE Local Security Checks
critical
89587Fedora 23 : mingw-libpng-1.6.21-1.fc23 (2016-9a1c707b10)NessusFedora Local Security Checks
high
89527Fedora 22 : mingw-libpng-1.6.21-1.fc22 (2016-43735c33a7)NessusFedora Local Security Checks
high
89449Fedora 22 : libpng10-1.0.64-1.fc22 (2015-ec2ddd15d7)NessusFedora Local Security Checks
high
89405Fedora 23 : libpng15-1.5.25-1.fc23 (2015-c80ec85542)NessusFedora Local Security Checks
high
89365Fedora 22 : libpng12-1.2.56-1.fc22 (2015-ac8100927a)NessusFedora Local Security Checks
high
89331Fedora 22 : mingw-libpng-1.6.19-1.fc22 (2015-97fc1797fa)NessusFedora Local Security Checks
high
89317Fedora 23 : libpng10-1.0.65-1.fc23 (2015-8c475f7169)NessusFedora Local Security Checks
high
89313Fedora 21 : mingw-libpng-1.6.19-1.fc21 (2015-8a1243db75)NessusFedora Local Security Checks
high
89252Fedora 23 : libpng-1.6.17-4.fc23 (2015-5e52306c9c)NessusFedora Local Security Checks
high
89239Fedora 21 : libpng10-1.0.64-1.fc21 (2015-501493d853)NessusFedora Local Security Checks
high
89236Fedora 23 : libpng-1.6.17-3.fc23 (2015-4ad4998d00)NessusFedora Local Security Checks
high
89213Fedora 23 : libpng12-1.2.56-1.fc23 (2015-39499d9af8)NessusFedora Local Security Checks
high
89203Fedora 22 : libpng10-1.0.65-1.fc22 (2015-3461e976cb)NessusFedora Local Security Checks
high
89175Fedora 22 : libpng15-1.5.25-1.fc22 (2015-233750b6ab)NessusFedora Local Security Checks
high
89167Fedora 23 : libpng10-1.0.64-1.fc23 (2015-1d87313b7c)NessusFedora Local Security Checks
high
89152Fedora 23 : mingw-libpng-1.6.19-1.fc23 (2015-13668fff74)NessusFedora Local Security Checks
high
89053AIX Java Advisory : java_jan2016_advisory.asc (January 2016 CPU) (SLOTH)NessusAIX Local Security Checks
critical
88710SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0433-1) (SLOTH)NessusSuSE Local Security Checks
critical
88709SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0431-1) (SLOTH)NessusSuSE Local Security Checks
critical
88692SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2016:0390-1) (SLOTH)NessusSuSE Local Security Checks
critical
88580Debian DLA-410-1 : openjdk-6 security update (SLOTH)NessusDebian Local Security Checks
critical
88557RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:0101) (SLOTH)NessusRed Hat Local Security Checks
critical
88556RHEL 5 : java-1.7.0-ibm (RHSA-2016:0100) (SLOTH)NessusRed Hat Local Security Checks
critical
88555RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:0099) (SLOTH)NessusRed Hat Local Security Checks
critical
88554RHEL 7 : java-1.8.0-ibm (RHSA-2016:0098) (SLOTH)NessusRed Hat Local Security Checks
critical
88541openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-115) (SLOTH)NessusSuSE Local Security Checks
critical
88540openSUSE Security Update : Java7 (openSUSE-2016-110) (SLOTH)NessusSuSE Local Security Checks
critical
88538openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-107) (SLOTH)NessusSuSE Local Security Checks
critical
88537openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-106) (SLOTH)NessusSuSE Local Security Checks
critical
88536openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-105) (SLOTH)NessusSuSE Local Security Checks
critical
88486SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0269-1) (SLOTH)NessusSuSE Local Security Checks
critical
88485SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0265-1) (SLOTH)NessusSuSE Local Security Checks
critical
88453SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:0256-1) (SLOTH)NessusSuSE Local Security Checks
critical
88121openSUSE Security Update : libpng15 (openSUSE-2016-31)NessusSuSE Local Security Checks
high
88120openSUSE Security Update : libpng12 (openSUSE-2016-30)NessusSuSE Local Security Checks
high
88118openSUSE Security Update : libpng16 (openSUSE-2016-28)NessusSuSE Local Security Checks
high
88076RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:0057)NessusRed Hat Local Security Checks
critical
88075RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0056) (SLOTH)NessusRed Hat Local Security Checks
critical
88074RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0055) (SLOTH)NessusRed Hat Local Security Checks
critical
88046Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH) (Unix)NessusMisc.
critical
88045Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH)NessusWindows
critical
87867SUSE SLED11 / SLES11 Security Update : libpng12-0 (SUSE-SU-2016:0061-1)NessusSuSE Local Security Checks
high
87866SUSE SLED12 / SLES12 Security Update : libpng12 (SUSE-SU-2016:0050-1)NessusSuSE Local Security Checks
high
87864SUSE SLED12 / SLES12 Security Update : libpng15 (SUSE-SU-2016:0041-1)NessusSuSE Local Security Checks
high
87861SUSE SLED12 / SLES12 Security Update : libpng16 (SUSE-SU-2016:0027-1)NessusSuSE Local Security Checks
high
87585Scientific Linux Security Update : libpng on SL7.x x86_64 (20151209)NessusScientific Linux Local Security Checks
high
87584Scientific Linux Security Update : libpng12 on SL7.x x86_64 (20151209)NessusScientific Linux Local Security Checks
high
87446openSUSE Security Update : libpng16 (openSUSE-2015-904)NessusSuSE Local Security Checks
high
87445openSUSE Security Update : libpng12 (openSUSE-2015-902)NessusSuSE Local Security Checks
high
87308Scientific Linux Security Update : libpng on SL6.x i386/x86_64 (20151209)NessusScientific Linux Local Security Checks
high
87307RHEL 7 : libpng (RHSA-2015:2596)NessusRed Hat Local Security Checks
high
87306RHEL 7 : libpng12 (RHSA-2015:2595)NessusRed Hat Local Security Checks
high
87305RHEL 6 : libpng (RHSA-2015:2594)NessusRed Hat Local Security Checks
high
87303OracleVM 3.3 : libpng (OVMSA-2015-0153)NessusOracleVM Local Security Checks
high
87302Oracle Linux 7 : libpng (ELSA-2015-2596)NessusOracle Linux Local Security Checks
high
87301Oracle Linux 7 : libpng12 (ELSA-2015-2595)NessusOracle Linux Local Security Checks
high
87300Oracle Linux 6 : libpng (ELSA-2015-2594)NessusOracle Linux Local Security Checks
high
87285CentOS 7 : libpng (CESA-2015:2596)NessusCentOS Local Security Checks
high
87284CentOS 7 : libpng12 (CESA-2015:2595)NessusCentOS Local Security Checks
high
87283CentOS 6 : libpng (CESA-2015:2594)NessusCentOS Local Security Checks
high
87182Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : libpng (SSA:2015-337-01)NessusSlackware Local Security Checks
high
87087openSUSE Security Update : libpng12 (openSUSE-2015-826)NessusSuSE Local Security Checks
high
87086openSUSE Security Update : libpng16 (openSUSE-2015-825)NessusSuSE Local Security Checks
high
87082openSUSE Security Update : libpng12 (openSUSE-2015-802)NessusSuSE Local Security Checks
high
87081openSUSE Security Update : libpng16 (openSUSE-2015-801)NessusSuSE Local Security Checks
high
87015Amazon Linux AMI : libpng (ALAS-2015-611)NessusAmazon Linux Local Security Checks
high
86993Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libpng vulnerabilities (USN-2815-1)NessusUbuntu Local Security Checks
high
86942SUSE SLED12 / SLES12 Security Update : libpng12 (SUSE-SU-2015:2024-1)NessusSuSE Local Security Checks
high
86941SUSE SLED11 / SLES11 Security Update : libpng12-0 (SUSE-SU-2015:2017-1)NessusSuSE Local Security Checks
high
86940SUSE SLED12 / SLES12 Security Update : libpng16 (SUSE-SU-2015:2013-1)NessusSuSE Local Security Checks
high
86921Debian DSA-3399-1 : libpng - security updateNessusDebian Local Security Checks
high
86907Debian DLA-343-1 : libpng security updateNessusDebian Local Security Checks
high
86876FreeBSD : libpng buffer overflow in png_set_PLTE (1886e195-8b87-11e5-90e7-b499baebfeaf)NessusFreeBSD Local Security Checks
high