Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-9495
HistoryJan 10, 2015 - 7:59 p.m.

CVE-2014-9495

2015-01-1019:59:00
CWE-119
[email protected]
web.nvd.nist.gov
41
2
cve-2014-9495
libpng
buffer overflow
security vulnerability
nvd
png
image processing

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a β€œvery wide interlaced” PNG image.

Affected configurations

NVD
Node
applemac_os_xRange≀10.11.3
Node
libpnglibpngRange≀1.5.20beta
OR
libpnglibpngMatch1.6.0
OR
libpnglibpngMatch1.6.0beta
OR
libpnglibpngMatch1.6.1
OR
libpnglibpngMatch1.6.1beta
OR
libpnglibpngMatch1.6.2
OR
libpnglibpngMatch1.6.2beta
OR
libpnglibpngMatch1.6.3
OR
libpnglibpngMatch1.6.3beta
OR
libpnglibpngMatch1.6.4
OR
libpnglibpngMatch1.6.4beta
OR
libpnglibpngMatch1.6.5
OR
libpnglibpngMatch1.6.6
OR
libpnglibpngMatch1.6.7
OR
libpnglibpngMatch1.6.7beta
OR
libpnglibpngMatch1.6.8
OR
libpnglibpngMatch1.6.8beta
OR
libpnglibpngMatch1.6.9
OR
libpnglibpngMatch1.6.9beta
OR
libpnglibpngMatch1.6.10
OR
libpnglibpngMatch1.6.10beta
OR
libpnglibpngMatch1.6.11
OR
libpnglibpngMatch1.6.11beta
OR
libpnglibpngMatch1.6.12beta
OR
libpnglibpngMatch1.6.13
OR
libpnglibpngMatch1.6.13beta
OR
libpnglibpngMatch1.6.14
OR
libpnglibpngMatch1.6.14beta
OR
libpnglibpngMatch1.6.15
OR
libpnglibpngMatch1.6.15beta
CPENameOperatorVersion
apple:mac_os_xapple mac os xle10.11.3

Social References

More

Related

openvas 11
cvelist 2
nessus 10
mageia 1
nvd 2
gentoo 1
debiancve 2
prion 2
ubuntucve 2
cve 1
suse 2
fedora 3
securityvulns 2
ibm 4
rosalinux 1
photon 3
apple 2
openvas
openvas
Gentoo Security Advisory GLSA 201502-10
2015-09-29 00:00:00
Mageia: Security Advisory (MGASA-2015-0008)
2022-01-28 00:00:00
Fedora Update for libpng10 FEDORA-2015-2863
2015-03-10 00:00:00
cvelist
cvelist
CVE-2014-9495
2015-01-10 19:00:00
CVE-2015-0973
2015-01-18 18:00:00
nessus
nessus
GLSA-201502-10 : libpng: User-assisted execution of arbitrary code
2015-02-16 00:00:00
Fedora 21 : libpng10-1.0.63-1.fc21 (2015-2863)
2015-03-10 00:00:00
Mandriva Linux Security Advisory : libpng (MDVSA-2015:090)
2015-03-30 00:00:00
mageia
mageia
Updated libpng packages fix CVE-2014-9495
2015-01-07 18:14:58
nvd
nvd
CVE-2014-9495
2015-01-10 19:59:00
CVE-2015-0973
2015-01-18 18:59:03
gentoo
gentoo
libpng: User-assisted execution of arbitrary code
2015-02-15 00:00:00
debiancve
debiancve
CVE-2014-9495
2015-01-10 19:59:00
CVE-2015-0973
2015-01-18 18:59:03
prion
prion
Heap overflow
2015-01-10 19:59:00
Buffer overflow
2015-01-18 18:59:00
ubuntucve
ubuntucve
CVE-2014-9495
2015-01-10 00:00:00
CVE-2015-0973
2015-01-18 00:00:00
cve
cve
CVE-2015-0973
2015-01-18 18:59:03
suse
suse
Security update for libpng16 (important)
2015-01-28 18:05:31
Security update for libpng16 (important)
2015-01-20 14:04:48
fedora
fedora
[SECURITY] Fedora 21 Update: libpng10-1.0.63-1.fc21
2015-03-09 08:37:27
[SECURITY] Fedora 22 Update: libpng10-1.0.63-1.fc22
2015-03-09 08:19:25
[SECURITY] Fedora 20 Update: libpng10-1.0.63-1.fc20
2015-03-09 08:28:31
securityvulns
securityvulns
[ MDVSA-2015:090 ] libpng
2015-04-20 00:00:00
libpng security vulnerabilities
2015-04-20 00:00:00
ibm
ibm
Security Bulletin: Security vulnerabilities in Rational DOORS (CVE-2014-3613, CVE-2014-3620, CVE-2014-8730, CVE-2014-9495, CVE-2015-0973)
2020-05-01 08:19:24
Security Bulletin: IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities
2018-06-15 23:13:37
Security Bulletin: Multiple vulnerability in Product IBM Tivoli Common Reporting( CVE-2015-0138, CVE-2014-9495,CVE-2014-8917,CVE-2015-0973 ,CVE-2014-3566 ,CVE-2014-6457 ,CVE-2014-6593,CVE-2015-0410,CVE-2014-3569,CVE-2015-0204,CVE-2014-3570)
2018-06-17 15:02:16
rosalinux
rosalinux
Advisory ROSA-SA-2021-1884
2021-07-02 17:16:15
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0033
2023-06-21 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0415
2023-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0602
2023-06-21 00:00:00
apple
apple
About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002
2016-03-21 00:00:00
About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002 - Apple Support
2017-01-23 03:54:34

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON
Related for CVE-2014-9495
openvas11cvelist2nessus10mageia1nvd2gentoo1debiancve2prion2ubuntucve2cve1suse2fedora3securityvulns2ibm4rosalinux1photon3apple2