Required CVE Record Information
Description
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
References 11 Total
- openwall.com: [oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow mailing-list
- securityfocus.com: 71820 vdb-entry
- lists.apple.com: APPLE-SA-2016-03-21-5 vendor-advisory
- https://support.apple.com/HT206167
- sourceforge.net: [png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available mailing-list
- openwall.com: [oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow mailing-list
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- openwall.com: [oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow mailing-list
- sourceforge.net: [png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available mailing-list
- securitytracker.com: 1031444 vdb-entry
- secunia.com: 62725 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 11 Total
- openwall.com: [oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow mailing-listx_transferred
- securityfocus.com: 71820 vdb-entryx_transferred
- lists.apple.com: APPLE-SA-2016-03-21-5 vendor-advisoryx_transferred
- https://support.apple.com/HT206167 x_transferred
- sourceforge.net: [png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available mailing-listx_transferred
- openwall.com: [oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow mailing-listx_transferred
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html x_transferred
- openwall.com: [oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow mailing-listx_transferred
- sourceforge.net: [png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available mailing-listx_transferred
- securitytracker.com: 1031444 vdb-entryx_transferred
- secunia.com: 62725 third-party-advisoryx_transferred