NVD

Id
23371  
Name
CVE-2015-0973  
Description
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-01-18  
Modified Date
2016-10-20  
Seq
2015-0973  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
123931 23371 CVE-2015-0973 APPLE-SA-2016-03-21-5  View
123932 23371 CVE-2015-0973 [png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available  View
123933 23371 CVE-2015-0973 http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt  View
123934 23371 CVE-2015-0973 [oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow  View
123935 23371 CVE-2015-0973 [oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow  View
123936 23371 CVE-2015-0973 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html  View
123937 23371 CVE-2015-0973 https://support.apple.com/HT206167  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
5878 JVNDB-2015-001198 libpng の pngrutil.c 内の png_read_IDAT_data 関数におけるバッファオーバーフローの脆弱性 libpng の pngrutil.c 内の png_read_IDAT_data 関数には、バッファオーバーフローの脆弱性が存在します。 CVE-2015-0973 78184 CVE-2015-0973 23371 7.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001198.html 2015-01-09 2016-03-29 View