Vulnerability-Lookup

CVE-2015-0973 (GCVE-0-2015-0973)

Vulnerability from cvelistv5 – Published: 2015-01-18 18:00 – Updated: 2025-06-09 15:25

Summary

Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

certcc

References

URL

GSD-2015-0973

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2015-0973

Aliases

CVE-2015-0973

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-0973",
    "description": "Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.",
    "id": "GSD-2015-0973",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-0973.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-0973"
      ],
      "details": "Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.",
      "id": "GSD-2015-0973",
      "modified": "2023-12-13T01:19:57.960826Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2015-0973",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "APPLE-SA-2016-03-21-5",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
          },
          {
            "name": "https://support.apple.com/HT206167",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT206167"
          },
          {
            "name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
            "refsource": "MLIST",
            "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
          },
          {
            "name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
          },
          {
            "name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
          },
          {
            "name": "62725",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62725"
          },
          {
            "name": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt",
            "refsource": "MISC",
            "url": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[1.6.0,1.6.15]",
          "affected_versions": "All versions starting from 1.6.0 up to 1.6.15",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-119",
            "CWE-937"
          ],
          "date": "2016-10-20",
          "description": "Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.",
          "fixed_versions": [
            "1.6.18.1"
          ],
          "identifier": "CVE-2015-0973",
          "identifiers": [
            "CVE-2015-0973"
          ],
          "not_impacted": "All versions before 1.6.0, all versions after 1.6.15",
          "package_slug": "nuget/libpng",
          "pubdate": "2015-01-18",
          "solution": "Upgrade to version 1.6.18.1 or above.",
          "title": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2015-0973"
          ],
          "uuid": "2571d9a7-253f-494c-911b-26d156e2cd1a"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.10:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.11:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.4:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.14:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.15:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.5.20",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.7:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.8:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.9:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.12:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:1.6.13:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.11.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2015-0973"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt"
            },
            {
              "name": "[oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
            },
            {
              "name": "[oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow",
              "refsource": "MLIST",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
            },
            {
              "name": "[png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available",
              "refsource": "MLIST",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
            },
            {
              "name": "62725",
              "refsource": "SECUNIA",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/62725"
            },
            {
              "name": "https://support.apple.com/HT206167",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT206167"
            },
            {
              "name": "APPLE-SA-2016-03-21-5",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-10-20T18:46Z",
      "publishedDate": "2015-01-18T18:59Z"
    }
  }
}

GHSA-5GG5-9R5R-WPGH

Vulnerability from github – Published: 2022-05-17 03:47 – Updated: 2025-06-09 18:31

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-0973"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-120"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-01-18T18:59:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.",
  "id": "GHSA-5gg5-9r5r-wpgh",
  "modified": "2025-06-09T18:31:54Z",
  "published": "2022-05-17T03:47:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0973"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240719-0005"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT206167"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/62725"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461"
    },
    {
      "type": "WEB",
      "url": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2015-0973

Vulnerability from fkie_nvd - Published: 2015-01-18 18:59 - Updated: 2025-06-09 16:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cret@cert.org	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html	Vendor Advisory
cret@cert.org	http://secunia.com/advisories/62725	Permissions Required, Third Party Advisory
cret@cert.org	http://sourceforge.net/p/png-mng/mailman/message/33173461/	Third Party Advisory
cret@cert.org	http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt	Exploit
cret@cert.org	http://www.openwall.com/lists/oss-security/2015/01/10/1	Exploit, Third Party Advisory
cret@cert.org	http://www.openwall.com/lists/oss-security/2015/01/10/3	Exploit
cret@cert.org	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html	Third Party Advisory
cret@cert.org	https://security.netapp.com/advisory/ntap-20240719-0005/
cret@cert.org	https://support.apple.com/HT206167	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/62725	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/p/png-mng/mailman/message/33173461/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/01/10/1	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/01/10/3	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240719-0005/
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT206167	Vendor Advisory

Impacted products

Vendor	Product	Version
oracle	solaris	11.2
libpng	libpng	*
libpng	libpng	1.6.0
libpng	libpng	1.6.0
libpng	libpng	1.6.1
libpng	libpng	1.6.1
libpng	libpng	1.6.2
libpng	libpng	1.6.2
libpng	libpng	1.6.3
libpng	libpng	1.6.3
libpng	libpng	1.6.4
libpng	libpng	1.6.4
libpng	libpng	1.6.5
libpng	libpng	1.6.6
libpng	libpng	1.6.7
libpng	libpng	1.6.7
libpng	libpng	1.6.8
libpng	libpng	1.6.8
libpng	libpng	1.6.9
libpng	libpng	1.6.9
libpng	libpng	1.6.10
libpng	libpng	1.6.10
libpng	libpng	1.6.11
libpng	libpng	1.6.11
libpng	libpng	1.6.12
libpng	libpng	1.6.13
libpng	libpng	1.6.13
libpng	libpng	1.6.14
libpng	libpng	1.6.14
libpng	libpng	1.6.15
libpng	libpng	1.6.15
apple	mac_os_x	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83D384F2-90CA-4A6A-82C0-95F572099E78",
              "versionEndIncluding": "1.5.20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7A0D174-F35C-488B-8577-00EFB7741089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "051989A3-3F72-4223-98DF-54B0488656F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EDC5DA5-F2A7-4819-BB9D-258EB9AB7857",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "02FCC235-9564-4B92-B1AB-294EAB110E95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "27B34D78-C0BC-45DC-AD84-F5F13451ED7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "40C344C8-812C-4EDE-9AD6-31EF7F0E24C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D3A7EC-774C-423F-BDE1-CDCB9433D87B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "B9353E66-56D2-4CD1-BC30-5B2FF0F4E722",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B898B95-CF41-4813-8FE7-776BD59A6A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5D9BF9ED-965A-4BF5-A3EC-FAFCE880F14A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F5E5899-5A3F-49A1-B18C-4C97566B87BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7897EEC-DE43-485A-B2CD-E8623A6D2C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACC16FE2-E94E-45B9-94F0-B6434B21DD2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.7:beta:*:*:*:*:*:*",
              "matchCriteriaId": "278434CA-DD56-47FC-9C15-4B9D4159786C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8DAE31-CCA9-450D-90E5-B8F0490FB944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.8:beta:*:*:*:*:*:*",
              "matchCriteriaId": "0C5712AB-1A98-45DB-8384-5CD70D03684C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "52FEB5C9-0C13-4FD6-876C-AAE7ED4E986C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.9:beta:*:*:*:*:*:*",
              "matchCriteriaId": "B2903D2B-A99A-4120-88DC-A1DF59085F59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "2337F9F3-D26D-4A24-880A-800CD5C16795",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.10:beta:*:*:*:*:*:*",
              "matchCriteriaId": "D97CC2D1-657A-48D7-8035-89986341B56C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "31F71BA3-5402-448E-9068-EB0DCA1D62EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.11:beta:*:*:*:*:*:*",
              "matchCriteriaId": "3539DE6A-05BE-47EB-A89F-D3E4D98FC014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.12:beta:*:*:*:*:*:*",
              "matchCriteriaId": "4A004603-261B-49DB-B15B-A8EE0F3AB4BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD67323A-8463-4B8F-B370-40C2ACFF4D8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.13:beta:*:*:*:*:*:*",
              "matchCriteriaId": "6944746B-2032-4088-A7EB-EE004F12274E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BBA4F43-0FD0-4D7D-84A0-37C8E79B9B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.14:beta:*:*:*:*:*:*",
              "matchCriteriaId": "7AC27CC2-D64C-4AED-A0DF-F6F2920D7AB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "71E01CC8-1C29-4C46-8213-B48A2364CE8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:1.6.15:beta:*:*:*:*:*:*",
              "matchCriteriaId": "2A8396AB-D983-4F04-A9F5-FA120A0E0AF6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82",
              "versionEndIncluding": "10.11.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en la funci\u00f3n png_read_IDAT_data en pngrutil.c en libpng anterior a 1.5.21 y 1.6.x anterior a 1.6.16 permite a atacantes dependientes de contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos IDAT con una anchura grande, una vulnerabilidad diferente a CVE-2014-9495."
    }
  ],
  "id": "CVE-2015-0973",
  "lastModified": "2025-06-09T16:15:24.780",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2015-01-18T18:59:03.020",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62725"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    },
    {
      "source": "cret@cert.org",
      "url": "https://security.netapp.com/advisory/ntap-20240719-0005/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT206167"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/62725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20240719-0005/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT206167"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

CERTFR-2016-AVI-106

Vulnerability from certfr_avis - Published: 2016-03-22 - Updated: 2016-03-22

De multiples vulnérabilités ont été corrigées dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	OS X Mavericks versions 10.9.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002
Apple	N/A	tvOS versions antérieures à 9.2 pour Apple TV (4ème génération)
Apple	N/A	OS X El Capitan 10.11.x versions antérieures à 10.11.4
Apple	N/A	iOS versions antérieures à 9.3 pour iPhones 4s, iPod touch (5ème génération), iPad 2 et leurs modèles respectifs plus récents
Apple	N/A	watchOS versions antérieures à 2.2
Apple	N/A	OS X Server versions antérieures à 5.1 pour OS X Yosemite versions 10.10.5 et ultérieures
Apple	N/A	Xcode versions antérieures à 7.3 pour OS X El Capitan versions 10.11 et ultérieures
Apple	N/A	OS X Yosemite versions 10.10.5 et antérieures n'intégrant pas le correctif de sécurité 2016-002
Apple	Safari	Safari versions antérieures à 9.1

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT206173 du 21 mars 2016	None	vendor-advisory
Bulletin de sécurité Apple HT206169 du 21 mars 2016	None	vendor-advisory
Bulletin de sécurité Apple HT206168 du 21 mars 2016	None	vendor-advisory
Bulletin de sécurité Apple HT206171 du 21 mars 2016	None	vendor-advisory
Bulletin de sécurité Apple HT206166 du 21 mars 2016	None	vendor-advisory
Bulletin de sécurité Apple HT206172 du 21 mars 2016	None	vendor-advisory
Bulletin de sécurité Apple HT206167 du 21 mars 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "OS X Mavericks versions 10.9.5 et ant\u00e9rieures n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 2016-002",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "tvOS versions ant\u00e9rieures \u00e0 9.2 pour Apple TV (4\u00e8me g\u00e9n\u00e9ration)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "OS X El Capitan 10.11.x versions ant\u00e9rieures \u00e0 10.11.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "iOS versions ant\u00e9rieures \u00e0 9.3 pour iPhones 4s, iPod touch (5\u00e8me g\u00e9n\u00e9ration), iPad 2 et leurs mod\u00e8les respectifs plus r\u00e9cents",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "watchOS versions ant\u00e9rieures \u00e0 2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "OS X Server versions ant\u00e9rieures \u00e0 5.1 pour OS X Yosemite versions 10.10.5 et ult\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Xcode versions ant\u00e9rieures \u00e0 7.3 pour OS X El Capitan versions 10.11 et ult\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "OS X Yosemite versions 10.10.5 et ant\u00e9rieures n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 2016-002",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 9.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-1753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1753"
    },
    {
      "name": "CVE-2016-1781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1781"
    },
    {
      "name": "CVE-2016-1736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1736"
    },
    {
      "name": "CVE-2016-1750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1750"
    },
    {
      "name": "CVE-2016-1779",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1779"
    },
    {
      "name": "CVE-2016-1748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1748"
    },
    {
      "name": "CVE-2016-1766",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1766"
    },
    {
      "name": "CVE-2016-1758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1758"
    },
    {
      "name": "CVE-2016-1735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1735"
    },
    {
      "name": "CVE-2016-1763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1763"
    },
    {
      "name": "CVE-2016-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1767"
    },
    {
      "name": "CVE-2016-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1720"
    },
    {
      "name": "CVE-2016-1771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1771"
    },
    {
      "name": "CVE-2016-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1719"
    },
    {
      "name": "CVE-2015-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
    },
    {
      "name": "CVE-2016-1727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1727"
    },
    {
      "name": "CVE-2016-0777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0777"
    },
    {
      "name": "CVE-2015-3184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3184"
    },
    {
      "name": "CVE-2015-1819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1819"
    },
    {
      "name": "CVE-2016-0801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0801"
    },
    {
      "name": "CVE-2016-1950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1950"
    },
    {
      "name": "CVE-2016-1768",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1768"
    },
    {
      "name": "CVE-2016-0802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0802"
    },
    {
      "name": "CVE-2016-1744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1744"
    },
    {
      "name": "CVE-2016-1775",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1775"
    },
    {
      "name": "CVE-2016-1787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1787"
    },
    {
      "name": "CVE-2015-8035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
    },
    {
      "name": "CVE-2016-1788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1788"
    },
    {
      "name": "CVE-2015-3187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3187"
    },
    {
      "name": "CVE-2016-1786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1786"
    },
    {
      "name": "CVE-2016-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1717"
    },
    {
      "name": "CVE-2015-7499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
    },
    {
      "name": "CVE-2016-1776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1776"
    },
    {
      "name": "CVE-2009-2197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2197"
    },
    {
      "name": "CVE-2016-1785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1785"
    },
    {
      "name": "CVE-2015-7500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
    },
    {
      "name": "CVE-2016-1755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1755"
    },
    {
      "name": "CVE-2016-1733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1733"
    },
    {
      "name": "CVE-2016-1772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1772"
    },
    {
      "name": "CVE-2016-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1723"
    },
    {
      "name": "CVE-2015-5312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
    },
    {
      "name": "CVE-2016-1754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1754"
    },
    {
      "name": "CVE-2016-1783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1783"
    },
    {
      "name": "CVE-2016-1756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1756"
    },
    {
      "name": "CVE-2016-1745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1745"
    },
    {
      "name": "CVE-2016-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1752"
    },
    {
      "name": "CVE-2014-9495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-9495"
    },
    {
      "name": "CVE-2015-7995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
    },
    {
      "name": "CVE-2015-7942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7942"
    },
    {
      "name": "CVE-2015-5333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5333"
    },
    {
      "name": "CVE-2015-8126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8126"
    },
    {
      "name": "CVE-2016-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1725"
    },
    {
      "name": "CVE-2016-1761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1761"
    },
    {
      "name": "CVE-2015-8242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
    },
    {
      "name": "CVE-2016-1740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1740"
    },
    {
      "name": "CVE-2016-1764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1764"
    },
    {
      "name": "CVE-2016-1757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1757"
    },
    {
      "name": "CVE-2016-1769",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1769"
    },
    {
      "name": "CVE-2016-1743",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1743"
    },
    {
      "name": "CVE-2016-1746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1746"
    },
    {
      "name": "CVE-2016-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1724"
    },
    {
      "name": "CVE-2016-1762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
    },
    {
      "name": "CVE-2015-8659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8659"
    },
    {
      "name": "CVE-2016-1770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1770"
    },
    {
      "name": "CVE-2016-1749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1749"
    },
    {
      "name": "CVE-2016-1732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1732"
    },
    {
      "name": "CVE-2016-1773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1773"
    },
    {
      "name": "CVE-2016-1777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1777"
    },
    {
      "name": "CVE-2016-1765",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1765"
    },
    {
      "name": "CVE-2016-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1741"
    },
    {
      "name": "CVE-2016-1737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1737"
    },
    {
      "name": "CVE-2016-1784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1784"
    },
    {
      "name": "CVE-2016-1759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1759"
    },
    {
      "name": "CVE-2016-1778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1778"
    },
    {
      "name": "CVE-2015-5334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5334"
    },
    {
      "name": "CVE-2016-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1722"
    },
    {
      "name": "CVE-2015-0973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-0973"
    },
    {
      "name": "CVE-2016-1738",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1738"
    },
    {
      "name": "CVE-2016-1747",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1747"
    },
    {
      "name": "CVE-2015-7551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7551"
    },
    {
      "name": "CVE-2016-1780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1780"
    },
    {
      "name": "CVE-2016-1774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1774"
    },
    {
      "name": "CVE-2016-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1721"
    },
    {
      "name": "CVE-2015-8472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-8472"
    },
    {
      "name": "CVE-2016-1782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1782"
    },
    {
      "name": "CVE-2016-1726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1726"
    },
    {
      "name": "CVE-2016-1751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1751"
    },
    {
      "name": "CVE-2016-0778",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0778"
    },
    {
      "name": "CVE-2016-1734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1734"
    }
  ],
  "initial_release_date": "2016-03-22T00:00:00",
  "last_revision_date": "2016-03-22T00:00:00",
  "links": [],
  "reference": "CERTFR-2016-AVI-106",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-03-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Apple\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT206173 du 21 mars 2016",
      "url": "https://support.apple.com/en-us/HT206173"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT206169 du 21 mars 2016",
      "url": "https://support.apple.com/en-us/HT206169"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT206168 du 21 mars 2016",
      "url": "https://support.apple.com/en-us/HT206168"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT206171 du 21 mars 2016",
      "url": "https://support.apple.com/en-us/HT206171"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT206166 du 21 mars 2016",
      "url": "https://support.apple.com/en-us/HT206166"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT206172 du 21 mars 2016",
      "url": "https://support.apple.com/en-us/HT206172"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT206167 du 21 mars 2016",
      "url": "https://support.apple.com/en-us/HT206167"
    }
  ]
}

CNVD-2015-00270

Vulnerability from cnvd - Published: 2015-01-14

Title

libpng存在多个堆缓冲区溢出漏洞

Description

libpng是一款多种应用程序所使用的解析PNG图形格式的函数库。 libpng存在多个堆缓冲区溢出漏洞。由于程序未能对用户提供的输入进行充分的边界检查。攻击者可能会利用这些漏洞在受影响的库的应用程序的上下文中执行任意代码。

Severity

高

Patch Name

libpng存在多个堆缓冲区溢出漏洞的补丁

Patch Description

libpng是一款多种应用程序所使用的解析PNG图形格式的函数库。 libpng存在多个堆缓冲区溢出漏洞。由于程序未能对用户提供的输入进行充分的边界检查。攻击者可能会利用这些漏洞在受影响的库的应用程序的上下文中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可以联系供应商获得补丁信息： http://www.libpng.org/pub/png/libpng.html

Reference

http://www.securityfocus.com/bid/71994

Impacted products

Name
libpng libpng

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "71994"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-0973"
    }
  },
  "description": "libpng\u662f\u4e00\u6b3e\u591a\u79cd\u5e94\u7528\u7a0b\u5e8f\u6240\u4f7f\u7528\u7684\u89e3\u6790PNG\u56fe\u5f62\u683c\u5f0f\u7684\u51fd\u6570\u5e93\u3002 \r\n\r\nlibpng\u5b58\u5728\u591a\u4e2a\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u8fdb\u884c\u5145\u5206\u7684\u8fb9\u754c\u68c0\u67e5\u3002\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "John Bowler",
  "formalWay": "\u7528\u6237\u53ef\u4ee5\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.libpng.org/pub/png/libpng.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00270",
  "openTime": "2015-01-14",
  "patchDescription": "libpng\u662f\u4e00\u6b3e\u591a\u79cd\u5e94\u7528\u7a0b\u5e8f\u6240\u4f7f\u7528\u7684\u89e3\u6790PNG\u56fe\u5f62\u683c\u5f0f\u7684\u51fd\u6570\u5e93\u3002\r\n\r\nlibpng\u5b58\u5728\u591a\u4e2a\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u7531\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u8f93\u5165\u8fdb\u884c\u5145\u5206\u7684\u8fb9\u754c\u68c0\u67e5\u3002\u653b\u51fb\u8005\u53ef\u80fd\u4f1a\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "libpng\u5b58\u5728\u591a\u4e2a\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "libpng libpng"
  },
  "referenceLink": "http://www.securityfocus.com/bid/71994",
  "serverity": "\u9ad8",
  "submitTime": "2015-01-13",
  "title": "libpng\u5b58\u5728\u591a\u4e2a\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-0973 (GCVE-0-2015-0973)

GSD-2015-0973

GHSA-5GG5-9R5R-WPGH

FKIE_CVE-2015-0973

CERTFR-2016-AVI-106

Solution

CNVD-2015-00270

Tags

Sightings

Nomenclature