Vulnerability-Lookup

CVE-2014-9495 (GCVE-0-2014-9495)

Vulnerability from cvelistv5 – Published: 2015-01-10 19:00 – Updated: 2025-06-09 15:16

Summary

Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

Tags

	http://www.openwall.com/lists/oss-security/2015/01/04/3	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/bid/71820	vdb-entryx_refsource_BID
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	https://support.apple.com/HT206167	x_refsource_CONFIRM
	http://sourceforge.net/p/png-mng/mailman/message/…	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2015/01/10/1	mailing-listx_refsource_MLIST
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2015/01/10/3	mailing-listx_refsource_MLIST
	http://sourceforge.net/p/png-mng/mailman/message/…	mailing-listx_refsource_MLIST
	http://www.securitytracker.com/id/1031444	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/62725	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:47:41.383Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
          },
          {
            "name": "71820",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/71820"
          },
          {
            "name": "APPLE-SA-2016-03-21-5",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT206167"
          },
          {
            "name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
          },
          {
            "name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
          },
          {
            "name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
          },
          {
            "name": "[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
          },
          {
            "name": "1031444",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1031444"
          },
          {
            "name": "62725",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/62725"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2014-9495",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-09T15:14:59.794156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-122",
                "description": "CWE-122 Heap-based Buffer Overflow",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-09T15:16:20.021Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
        },
        {
          "name": "71820",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/71820"
        },
        {
          "name": "APPLE-SA-2016-03-21-5",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT206167"
        },
        {
          "name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
        },
        {
          "name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
        },
        {
          "name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
        },
        {
          "name": "[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
        },
        {
          "name": "1031444",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1031444"
        },
        {
          "name": "62725",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/62725"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9495",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
            },
            {
              "name": "71820",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/71820"
            },
            {
              "name": "APPLE-SA-2016-03-21-5",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
            },
            {
              "name": "https://support.apple.com/HT206167",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT206167"
            },
            {
              "name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
              "refsource": "MLIST",
              "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
            },
            {
              "name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
            },
            {
              "name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
            },
            {
              "name": "[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available",
              "refsource": "MLIST",
              "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
            },
            {
              "name": "1031444",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1031444"
            },
            {
              "name": "62725",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/62725"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9495",
    "datePublished": "2015-01-10T19:00:00.000Z",
    "dateReserved": "2015-01-03T00:00:00.000Z",
    "dateUpdated": "2025-06-09T15:16:20.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/04/3\", \"name\": \"[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/71820\", \"name\": \"71820\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html\", \"name\": \"APPLE-SA-2016-03-21-5\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/HT206167\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://sourceforge.net/p/png-mng/mailman/message/33173461/\", \"name\": \"[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/10/1\", \"name\": \"[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/10/3\", \"name\": \"[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://sourceforge.net/p/png-mng/mailman/message/33172831/\", \"name\": \"[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1031444\", \"name\": \"1031444\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/62725\", \"name\": \"62725\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T13:47:41.383Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2014-9495\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-09T15:14:59.794156Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122 Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-09T15:12:32.955Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2014-12-22T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/04/3\", \"name\": \"[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://www.securityfocus.com/bid/71820\", \"name\": \"71820\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html\", \"name\": \"APPLE-SA-2016-03-21-5\", \"tags\": [\"vendor-advisory\", \"x_refsource_APPLE\"]}, {\"url\": \"https://support.apple.com/HT206167\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://sourceforge.net/p/png-mng/mailman/message/33173461/\", \"name\": \"[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/10/1\", \"name\": \"[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/10/3\", \"name\": \"[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://sourceforge.net/p/png-mng/mailman/message/33172831/\", \"name\": \"[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"http://www.securitytracker.com/id/1031444\", \"name\": \"1031444\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://secunia.com/advisories/62725\", \"name\": \"62725\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \\\"very wide interlaced\\\" PNG image.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2016-10-17T13:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/04/3\", \"name\": \"[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"refsource\": \"MLIST\"}, {\"url\": \"http://www.securityfocus.com/bid/71820\", \"name\": \"71820\", \"refsource\": \"BID\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html\", \"name\": \"APPLE-SA-2016-03-21-5\", \"refsource\": \"APPLE\"}, {\"url\": \"https://support.apple.com/HT206167\", \"name\": \"https://support.apple.com/HT206167\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://sourceforge.net/p/png-mng/mailman/message/33173461/\", \"name\": \"[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available\", \"refsource\": \"MLIST\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/10/1\", \"name\": \"[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"refsource\": \"MLIST\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/01/10/3\", \"name\": \"[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow\", \"refsource\": \"MLIST\"}, {\"url\": \"http://sourceforge.net/p/png-mng/mailman/message/33172831/\", \"name\": \"[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available\", \"refsource\": \"MLIST\"}, {\"url\": \"http://www.securitytracker.com/id/1031444\", \"name\": \"1031444\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://secunia.com/advisories/62725\", \"name\": \"62725\", \"refsource\": \"SECUNIA\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \\\"very wide interlaced\\\" PNG image.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2014-9495\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2014-9495\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-09T15:16:20.021Z\", \"dateReserved\": \"2015-01-03T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2015-01-10T19:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2014-9495

Vulnerability from fkie_nvd - Published: 2015-01-10 19:59 - Updated: 2025-06-09 16:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
cve@mitre.org	http://secunia.com/advisories/62725
cve@mitre.org	http://sourceforge.net/p/png-mng/mailman/message/33172831/
cve@mitre.org	http://sourceforge.net/p/png-mng/mailman/message/33173461/
cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/01/04/3
cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/01/10/1
cve@mitre.org	http://www.openwall.com/lists/oss-security/2015/01/10/3
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
cve@mitre.org	http://www.securityfocus.com/bid/71820
cve@mitre.org	http://www.securitytracker.com/id/1031444
cve@mitre.org	https://support.apple.com/HT206167	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62725
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/p/png-mng/mailman/message/33172831/
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/p/png-mng/mailman/message/33173461/
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/01/04/3
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/01/10/1
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/01/10/3
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/71820
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031444
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT206167	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	mac_os_x	*
libpng	libpng	*
libpng	libpng	1.6.0
libpng	libpng	1.6.0
libpng	libpng	1.6.1
libpng	libpng	1.6.1
libpng	libpng	1.6.2
libpng	libpng	1.6.2
libpng	libpng	1.6.3
libpng	libpng	1.6.3
libpng	libpng	1.6.4
libpng	libpng	1.6.4
libpng	libpng	1.6.5
libpng	libpng	1.6.6
libpng	libpng	1.6.7
libpng	libpng	1.6.7
libpng	libpng	1.6.8
libpng	libpng	1.6.8
libpng	libpng	1.6.9
libpng	libpng	1.6.9
libpng	libpng	1.6.10
libpng	libpng	1.6.10
libpng	libpng	1.6.11
libpng	libpng	1.6.11
libpng	libpng	1.6.12
libpng	libpng	1.6.13
libpng	libpng	1.6.13
libpng	libpng	1.6.14
libpng	libpng	1.6.14
libpng	libpng	1.6.15
libpng	libpng	1.6.15

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82",
              "versionEndIncluding": "10.11.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:beta:*:*:*:*:*:*",
              "matchCriteriaId": "4D0BD544-FE2A-4AC6-8402-15A677EFC24C",
              "versionEndIncluding": "1.5.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7A0D174-F35C-488B-8577-00EFB7741089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "051989A3-3F72-4223-98DF-54B0488656F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EDC5DA5-F2A7-4819-BB9D-258EB9AB7857",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "02FCC235-9564-4B92-B1AB-294EAB110E95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27B34D78-C0BC-45DC-AD84-F5F13451ED7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "40C344C8-812C-4EDE-9AD6-31EF7F0E24C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D3A7EC-774C-423F-BDE1-CDCB9433D87B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "B9353E66-56D2-4CD1-BC30-5B2FF0F4E722",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B898B95-CF41-4813-8FE7-776BD59A6A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5D9BF9ED-965A-4BF5-A3EC-FAFCE880F14A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F5E5899-5A3F-49A1-B18C-4C97566B87BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7897EEC-DE43-485A-B2CD-E8623A6D2C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACC16FE2-E94E-45B9-94F0-B6434B21DD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.7:beta:*:*:*:*:*:*",
              "matchCriteriaId": "278434CA-DD56-47FC-9C15-4B9D4159786C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8DAE31-CCA9-450D-90E5-B8F0490FB944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.8:beta:*:*:*:*:*:*",
              "matchCriteriaId": "0C5712AB-1A98-45DB-8384-5CD70D03684C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "52FEB5C9-0C13-4FD6-876C-AAE7ED4E986C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.9:beta:*:*:*:*:*:*",
              "matchCriteriaId": "B2903D2B-A99A-4120-88DC-A1DF59085F59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2337F9F3-D26D-4A24-880A-800CD5C16795",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.10:beta:*:*:*:*:*:*",
              "matchCriteriaId": "D97CC2D1-657A-48D7-8035-89986341B56C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "31F71BA3-5402-448E-9068-EB0DCA1D62EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.11:beta:*:*:*:*:*:*",
              "matchCriteriaId": "3539DE6A-05BE-47EB-A89F-D3E4D98FC014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.12:beta:*:*:*:*:*:*",
              "matchCriteriaId": "4A004603-261B-49DB-B15B-A8EE0F3AB4BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD67323A-8463-4B8F-B370-40C2ACFF4D8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.13:beta:*:*:*:*:*:*",
              "matchCriteriaId": "6944746B-2032-4088-A7EB-EE004F12274E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BBA4F43-0FD0-4D7D-84A0-37C8E79B9B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.14:beta:*:*:*:*:*:*",
              "matchCriteriaId": "7AC27CC2-D64C-4AED-A0DF-F6F2920D7AB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71E01CC8-1C29-4C46-8213-B48A2364CE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.15:beta:*:*:*:*:*:*",
              "matchCriteriaId": "2A8396AB-D983-4F04-A9F5-FA120A0E0AF6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en la funci\u00f3n png_combine_row en libpng en versiones anteriores a 1.5.21 y 1.6.x en versiones anteriores a 1.6.16, cuando se ejecuta en sistemas de 64 bits, podr\u00eda permitir a atacantes dependientes del contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una imagen PNG \"entrelazada muy ampliamente\"."
    }
  ],
  "id": "CVE-2014-9495",
  "lastModified": "2025-06-09T16:15:24.410",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2015-01-10T19:59:00.047",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/62725"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/71820"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1031444"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT206167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/62725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/71820"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT206167"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CNVD-2015-00014

Vulnerability from cnvd - Published: 2015-01-04

Title

libpng 'png_combine_row()'缓冲区溢出漏洞

Description

libpng是一款多种应用程序所使用的解析PNG图形格式的函数库。 libpng 'png_combine_row()'存在缓冲区溢出漏洞，因为它未能正确验证用户提供的输入。攻击者可能会利用这些漏洞在使用受影响的库的应用程序的上下文中执行任意代码。

Severity

高

Patch Name

libpng 'png_combine_row()'缓冲区溢出漏洞的补丁

Patch Description

libpng是一款多种应用程序所使用的解析PNG图形格式的函数库。libpng 'png_combine_row()'存在缓冲区溢出漏洞，因为它未能正确验证用户提供的输入。攻击者可能会利用这些漏洞在使用受影响的库的应用程序的上下文中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可以联系供应商获得补丁信息： http://www.libpng.org/pub/png/libpng.html

Reference

http://www.securityfocus.com/bid/71820

Impacted products

Name
libpng libpng <=1.6.15

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "71820"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2014-9495"
    }
  },
  "description": "libpng\u662f\u4e00\u6b3e\u591a\u79cd\u5e94\u7528\u7a0b\u5e8f\u6240\u4f7f\u7528\u7684\u89e3\u6790PNG\u56fe\u5f62\u683c\u5f0f\u7684\u51fd\u6570\u5e93\u3002 \r\n\r\nlibpng \u0027png_combine_row()\u0027\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u56e0\u4e3a\u5b83\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u5728\u4f7f\u7528\u53d7\u5f71\u54cd\u7684\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Alex Eubanks",
  "formalWay": "\u7528\u6237\u53ef\u4ee5\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.libpng.org/pub/png/libpng.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00014",
  "openTime": "2015-01-04",
  "patchDescription": "libpng\u662f\u4e00\u6b3e\u591a\u79cd\u5e94\u7528\u7a0b\u5e8f\u6240\u4f7f\u7528\u7684\u89e3\u6790PNG\u56fe\u5f62\u683c\u5f0f\u7684\u51fd\u6570\u5e93\u3002libpng \u0027png_combine_row()\u0027\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u56e0\u4e3a\u5b83\u672a\u80fd\u6b63\u786e\u9a8c\u8bc1\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u5728\u4f7f\u7528\u53d7\u5f71\u54cd\u7684\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "libpng \u0027png_combine_row()\u0027\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "libpng libpng \u003c=1.6.15"
  },
  "referenceLink": "http://www.securityfocus.com/bid/71820",
  "serverity": "\u9ad8",
  "submitTime": "2014-12-31",
  "title": "libpng \u0027png_combine_row()\u0027\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CERTFR-2016-AVI-106

Vulnerability from certfr_avis - Published: 2016-03-22 - Updated: 2016-03-22

De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	OS X Mavericks versions 10.9.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002
Apple	N/A	tvOS versions antérieures à 9.2 pour Apple TV (4ème génération)
Apple	N/A	OS X El Capitan 10.11.x versions antérieures à 10.11.4
Apple	N/A	iOS versions antérieures à 9.3 pour iPhones 4s, iPod touch (5ème génération), iPad 2 et leurs modèles respectifs plus récents
Apple	N/A	watchOS versions antérieures à 2.2
Apple	N/A	OS X Server versions antérieures à 5.1 pour OS X Yosemite versions 10.10.5 et ultérieures
Apple	N/A	Xcode versions antérieures à 7.3 pour OS X El Capitan versions 10.11 et ultérieures
Apple	N/A	OS X Yosemite versions 10.10.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002
Apple	Safari	Safari versions antérieures à 9.1

References

Title

Publication Time

GSD-2014-9495

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-9495

Aliases

CVE-2014-9495

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-9495",
    "description": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image.",
    "id": "GSD-2014-9495",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-9495.html",
      "https://advisories.mageia.org/CVE-2014-9495.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-9495"
      ],
      "details": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image.",
      "id": "GSD-2014-9495",
      "modified": "2023-12-13T01:22:48.374112Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-9495",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
          },
          {
            "name": "71820",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/71820"
          },
          {
            "name": "APPLE-SA-2016-03-21-5",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
          },
          {
            "name": "https://support.apple.com/HT206167",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT206167"
          },
          {
            "name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
            "refsource": "MLIST",
            "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
          },
          {
            "name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
          },
          {
            "name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
          },
          {
            "name": "[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available",
            "refsource": "MLIST",
            "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
          },
          {
            "name": "1031444",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1031444"
          },
          {
            "name": "62725",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62725"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[1.6.0,1.6.15]",
          "affected_versions": "All versions starting from 1.6.0 up to 1.6.15",
          "cvss_v2": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "cwe_ids": [
            "CWE-1035",
            "CWE-119",
            "CWE-937"
          ],
          "date": "2016-10-18",
          "description": "Heap-based buffer overflow in the png_combine_row function in libpng, when running on systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image.",
          "fixed_versions": [
            "1.6.18.1"
          ],
          "identifier": "CVE-2014-9495",
          "identifiers": [
            "CVE-2014-9495"
          ],
          "not_impacted": "All versions before 1.6.0, all versions after 1.6.15",
          "package_slug": "nuget/libpng",
          "pubdate": "2015-01-10",
          "solution": "Upgrade to version 1.6.18.1 or above.",
          "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2014-9495"
          ],
          "uuid": "81f97696-c983-4e20-ace5-acf9ee3ea546"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.11.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.4:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.9:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.14:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.7:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.11:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.12:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.5.20",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.10:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.15:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.8:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.13:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9495"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1031444",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1031444"
            },
            {
              "name": "[oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
            },
            {
              "name": "71820",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/71820"
            },
            {
              "name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
            },
            {
              "name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
            },
            {
              "name": "[png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/"
            },
            {
              "name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
            },
            {
              "name": "62725",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/62725"
            },
            {
              "name": "https://support.apple.com/HT206167",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT206167"
            },
            {
              "name": "APPLE-SA-2016-03-21-5",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-10-18T03:45Z",
      "publishedDate": "2015-01-10T19:59Z"
    }
  }
}

GHSA-WPR3-PFV2-CHJQ

Vulnerability from github – Published: 2022-05-17 03:47 – Updated: 2025-06-09 18:31

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-9495"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-122"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-01-10T19:59:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image.",
  "id": "GHSA-wpr3-pfv2-chjq",
  "modified": "2025-06-09T18:31:54Z",
  "published": "2022-05-17T03:47:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9495"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT206167"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62725"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/71820"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1031444"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-9495 (GCVE-0-2014-9495)

FKIE_CVE-2014-9495

CNVD-2015-00014

CERTFR-2016-AVI-106

Solution

GSD-2014-9495

GHSA-WPR3-PFV2-CHJQ

Tags

Sightings

Nomenclature