Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2015-0973
HistoryJan 18, 2015 - 6:59 p.m.

CVE-2015-0973

2015-01-1818:59:03
CWE-119
[email protected]
web.nvd.nist.gov
8

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.021

Percentile

89.3%

JSON

Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.

Affected configurations

Nvd
Node
oraclesolarisMatch11.2
Node
libpnglibpngRange≀1.5.20
OR
libpnglibpngMatch1.6.0
OR
libpnglibpngMatch1.6.0beta
OR
libpnglibpngMatch1.6.1
OR
libpnglibpngMatch1.6.1beta
OR
libpnglibpngMatch1.6.2
OR
libpnglibpngMatch1.6.2beta
OR
libpnglibpngMatch1.6.3
OR
libpnglibpngMatch1.6.3beta
OR
libpnglibpngMatch1.6.4
OR
libpnglibpngMatch1.6.4beta
OR
libpnglibpngMatch1.6.5
OR
libpnglibpngMatch1.6.6
OR
libpnglibpngMatch1.6.7
OR
libpnglibpngMatch1.6.7beta
OR
libpnglibpngMatch1.6.8
OR
libpnglibpngMatch1.6.8beta
OR
libpnglibpngMatch1.6.9
OR
libpnglibpngMatch1.6.9beta
OR
libpnglibpngMatch1.6.10
OR
libpnglibpngMatch1.6.10beta
OR
libpnglibpngMatch1.6.11
OR
libpnglibpngMatch1.6.11beta
OR
libpnglibpngMatch1.6.12beta
OR
libpnglibpngMatch1.6.13
OR
libpnglibpngMatch1.6.13beta
OR
libpnglibpngMatch1.6.14
OR
libpnglibpngMatch1.6.14beta
OR
libpnglibpngMatch1.6.15
OR
libpnglibpngMatch1.6.15beta
Node
applemac_os_xRange≀10.11.3
VendorProductVersionCPE
oraclesolaris11.2cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*
libpnglibpng*cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
libpnglibpng1.6.0cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*
libpnglibpng1.6.0cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*
libpnglibpng1.6.1cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*
libpnglibpng1.6.1cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*
libpnglibpng1.6.2cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*
libpnglibpng1.6.2cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*
libpnglibpng1.6.3cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*
libpnglibpng1.6.3cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*
Rows per page:
1-10 of 321

Related

openvas 11
ubuntucve 2
prion 2
cvelist 2
debiancve 2
nessus 13
suse 2
fedora 3
cve 2
ibm 4
mageia 1
gentoo 1
nvd 1
zdt 1
securityvulns 2
rosalinux 1
photon 3
androidsecurity 1
apple 2
openvas
openvas
openSUSE: Security Advisory for libpng16 (openSUSE-SU-2015:0161-1)
2015-01-29 00:00:00
Fedora Update for libpng10 FEDORA-2015-2863
2015-03-10 00:00:00
SUSE: Security Advisory for libpng16 (SUSE-SU-2015:0092-1)
2015-10-16 00:00:00
ubuntucve
ubuntucve
CVE-2015-0973
2015-01-18 00:00:00
CVE-2014-9495
2015-01-10 00:00:00
prion
prion
Buffer overflow
2015-01-18 18:59:00
Heap overflow
2015-01-10 19:59:00
cvelist
cvelist
CVE-2015-0973
2015-01-18 18:00:00
CVE-2014-9495
2015-01-10 19:00:00
debiancve
debiancve
CVE-2015-0973
2015-01-18 18:59:03
CVE-2014-9495
2015-01-10 19:59:00
nessus
nessus
Fedora 20 : libpng10-1.0.63-1.fc20 (2015-2830)
2015-03-10 00:00:00
Fedora 22 : libpng10-1.0.63-1.fc22 (2015-2765)
2015-03-10 00:00:00
SUSE SLED12 / SLES12 Security Update : libpng16 (SUSE-SU-2015:0092-1)
2015-05-20 00:00:00
suse
suse
Security update for libpng16 (important)
2015-01-20 14:04:48
Security update for libpng16 (important)
2015-01-28 18:05:31
fedora
fedora
[SECURITY] Fedora 21 Update: libpng10-1.0.63-1.fc21
2015-03-09 08:37:27
[SECURITY] Fedora 22 Update: libpng10-1.0.63-1.fc22
2015-03-09 08:19:25
[SECURITY] Fedora 20 Update: libpng10-1.0.63-1.fc20
2015-03-09 08:28:31
cve
cve
CVE-2015-0973
2015-01-18 18:59:03
CVE-2014-9495
2015-01-10 19:59:00
ibm
ibm
Security Bulletin: Security vulnerabilities in Rational DOORS (CVE-2014-3613, CVE-2014-3620, CVE-2014-8730, CVE-2014-9495, CVE-2015-0973)
2020-05-01 08:19:24
Security Bulletin: IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities
2018-06-15 23:13:37
Security Bulletin: Multiple vulnerability in Product IBM Tivoli Common Reporting( CVE-2015-0138, CVE-2014-9495,CVE-2014-8917,CVE-2015-0973 ,CVE-2014-3566 ,CVE-2014-6457 ,CVE-2014-6593,CVE-2015-0410,CVE-2014-3569,CVE-2015-0204,CVE-2014-3570)
2018-06-17 15:02:16
mageia
mageia
Updated libpng packages fix CVE-2014-9495
2015-01-07 18:14:58
gentoo
gentoo
libpng: User-assisted execution of arbitrary code
2015-02-15 00:00:00
nvd
nvd
CVE-2014-9495
2015-01-10 19:59:00
zdt
zdt
libpng 1.6.15 Heap Overflow Exploit
2015-01-24 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:090 ] libpng
2015-04-20 00:00:00
libpng security vulnerabilities
2015-04-20 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1884
2021-07-02 17:16:15
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0033
2023-06-21 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0415
2023-06-22 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0602
2023-06-21 00:00:00
androidsecurity
androidsecurity
Nexus Security Bulletinβ€”August 2015
2015-08-13 00:00:00
apple
apple
About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002 - Apple Support
2017-01-23 03:54:34
About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002
2016-03-21 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

High

EPSS

0.021

Percentile

89.3%

JSON
Related for NVD:CVE-2015-0973
openvas11ubuntucve2prion2cvelist2debiancve2nessus13suse2fedora3cve2ibm4mageia1gentoo1nvd1zdt1securityvulns2rosalinux1photon3androidsecurity1apple2