ALT-BU-2014-3184-1
Branch c7 update bulletin.
Closed vulnerabilities
BDU:2015-09756
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации
BDU:2016-01662
Уязвимость библиотеки libpng, позволяющая нарушителю выполнить произвольный код
BDU:2016-01663
Уязвимость библиотеки libpng, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2013-7353
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.
Modified: 2024-11-21
CVE-2013-7354
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
Modified: 2024-11-21
CVE-2014-9495
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
- APPLE-SA-2016-03-21-5
- APPLE-SA-2016-03-21-5
- 62725
- 62725
- [png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available
- [png-mng-implement] 20141221 Re: libpng-1.5.21rc02 and 1.6.16rc02 are available
- [png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available
- [png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available
- [oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150103 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- 71820
- 71820
- 1031444
- 1031444
- https://support.apple.com/HT206167
- https://support.apple.com/HT206167
Modified: 2024-11-21
CVE-2015-0973
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
- APPLE-SA-2016-03-21-5
- APPLE-SA-2016-03-21-5
- 62725
- 62725
- [png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available
- [png-mng-announce] 20141222 libpng-1.5.21 and 1.6.16 are available
- http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
- http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
- [oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150109 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow
- [oss-security] 20150110 Re: CVE Request: libpng 1.6.15 Heap Overflow
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- https://security.netapp.com/advisory/ntap-20240719-0005/
- https://security.netapp.com/advisory/ntap-20240719-0005/
- https://support.apple.com/HT206167
- https://support.apple.com/HT206167