CVE-2015-8540

HIGH

Description

Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.

ID	Name	Product	Family	Severity
124924	EulerOS Virtualization 3.0.1.0 : libpng (EulerOS-SA-2019-1421)	Nessus	Huawei Local Security Checks	high
119974	SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0428-1) (SLOTH)	Nessus	SuSE Local Security Checks	critical
99428	openSUSE Security Update : libpng15 (openSUSE-2017-477)	Nessus	SuSE Local Security Checks	high
99243	SUSE SLED12 / SLES12 Security Update : libpng15 (SUSE-SU-2017:0950-1)	Nessus	SuSE Local Security Checks	high
99211	openSUSE Security Update : libpng12 (openSUSE-2017-441)	Nessus	SuSE Local Security Checks	high
99165	SUSE SLES11 Security Update : libpng12-0 (SUSE-SU-2017:0901-1)	Nessus	SuSE Local Security Checks	high
99088	SUSE SLED12 / SLES12 Security Update : libpng12 (SUSE-SU-2017:0860-1)	Nessus	SuSE Local Security Checks	high
94892	GLSA-201611-08 : libpng: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
94426	openSUSE Security Update : libpng12 (openSUSE-2016-1243)	Nessus	SuSE Local Security Checks	high
92678	Debian DLA-375-1 : libpng Security Update	Nessus	Debian Local Security Checks	high
92400	RHEL 5 / 6 : java-1.7.0-ibm and java-1.7.1-ibm (RHSA-2016:1430) (SLOTH)	Nessus	Red Hat Local Security Checks	critical
89989	SUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0776-1) (SLOTH)	Nessus	SuSE Local Security Checks	critical
89961	SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0770-1) (SLOTH)	Nessus	SuSE Local Security Checks	critical
89657	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0636-1) (SLOTH)	Nessus	SuSE Local Security Checks	critical
89365	Fedora 22 : libpng12-1.2.56-1.fc22 (2015-ac8100927a)	Nessus	Fedora Local Security Checks	high
89213	Fedora 23 : libpng12-1.2.56-1.fc23 (2015-39499d9af8)	Nessus	Fedora Local Security Checks	high
89211	Fedora 23 : libpng10-1.0.66-1.fc23 (2015-3868cfa17b)	Nessus	Fedora Local Security Checks	high
89137	Fedora 22 : libpng10-1.0.66-1.fc22 (2015-0a543024bf)	Nessus	Fedora Local Security Checks	high
89053	AIX Java Advisory : java_jan2016_advisory.asc (January 2016 CPU) (SLOTH)	Nessus	AIX Local Security Checks	critical
88710	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0433-1) (SLOTH)	Nessus	SuSE Local Security Checks	critical
88709	SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0431-1) (SLOTH)	Nessus	SuSE Local Security Checks	critical
88557	RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:0101) (SLOTH)	Nessus	Red Hat Local Security Checks	critical
88556	RHEL 5 : java-1.7.0-ibm (RHSA-2016:0100) (SLOTH)	Nessus	Red Hat Local Security Checks	critical
88555	RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:0099) (SLOTH)	Nessus	Red Hat Local Security Checks	critical
87899	Debian DSA-3443-1 : libpng - security update	Nessus	Debian Local Security Checks	high
87774	Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libpng vulnerabilities (USN-2861-1)	Nessus	Ubuntu Local Security Checks	high
87478	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : libpng (SSA:2015-351-02)	Nessus	Slackware Local Security Checks	high

CVE-2015-8540

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0