Vulnerability Database

CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

  • Published: Nov 13, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-8126
  • Severity: High

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected software:

Software | From | Fixed in
libpng / libpng | 1.6.0 | 1.6.19
libpng / libpng | 1.5.0 | 1.5.24
libpng / libpng | 1.3.0 | 1.4.17
libpng / libpng | 1.1.1 | 1.2.54
libpng / libpng | - | 1.0.64
fedoraproject / fedora | 22 | 22.x
fedoraproject / fedora | 23 | 23.x
fedoraproject / fedora | 21 | 21.x
suse / linux_enterprise_desktop | 11-sp3 | 11-sp3.x
suse / linux_enterprise_desktop | 11-sp4 | 11-sp4.x
suse / linux_enterprise_server | 12-sp1 | 12-sp1.x
suse / linux_enterprise_desktop | 12-sp1 | 12-sp1.x
opensuse / leap | 42.1 | 42.1.x
opensuse / opensuse | 13.1 | 13.1.x
opensuse / opensuse | 13.2 | 13.2.x
suse / linux_enterprise_server | 12 | 12.x
suse / linux_enterprise_desktop | 12 | 12.x
debian / debian_linux | 8.0 | 8.0.x
debian / debian_linux | 7.0 | 7.0.x
debian / debian_linux | 9.0 | 9.0.x
redhat / enterprise_linux_desktop | 7.0 | 7.0.x
redhat / enterprise_linux_server_aus | 7.2 | 7.2.x
redhat / enterprise_linux_workstation | 7.0 | 7.0.x
redhat / satellite | 5.7 | 5.7.x
redhat / enterprise_linux_server_tus | 7.2 | 7.2.x
redhat / enterprise_linux_server | 7.0 | 7.0.x
redhat / enterprise_linux_eus | 6.7 | 6.7.x
redhat / enterprise_linux_desktop | 6.0 | 6.0.x
redhat / enterprise_linux_server | 6.0 | 6.0.x
redhat / enterprise_linux_workstation | 6.0 | 6.0.x
redhat / enterprise_linux_server_tus | 7.3 | 7.3.x
redhat / enterprise_linux_server_aus | 7.3 | 7.3.x
redhat / enterprise_linux_server_aus | 7.4 | 7.4.x
redhat / enterprise_linux_eus | 7.3 | 7.3.x
redhat / enterprise_linux_eus | 7.4 | 7.4.x
redhat / enterprise_linux_eus | 7.5 | 7.5.x
redhat / enterprise_linux_server_tus | 7.6 | 7.6.x
redhat / enterprise_linux_server_aus | 7.6 | 7.6.x
redhat / enterprise_linux_eus | 7.6 | 7.6.x
redhat / enterprise_linux_eus | 7.2 | 7.2.x
redhat / enterprise_linux_server_aus | 7.7 | 7.7.x
redhat / enterprise_linux_server_tus | 7.7 | 7.7.x
redhat / enterprise_linux_eus | 7.7 | 7.7.x
redhat / satellite | 5.6 | 5.6.x
oracle / solaris | 11.3 | 11.3.x
oracle / linux | 6 | 6.x
oracle / linux | 7 | 7.x
oracle / jdk | 1.8.0-update65 | 1.8.0-update65.x
oracle / jdk | 1.8.0-update66 | 1.8.0-update66.x
oracle / jdk | 1.6.0-update105 | 1.6.0-update105.x
oracle / jdk | 1.7.0-update91 | 1.7.0-update91.x
oracle / jre | 1.6.0-update105 | 1.6.0-update105.x
oracle / jre | 1.7.0-update91 | 1.7.0-update91.x
oracle / jre | 1.8.0-update66 | 1.8.0-update66.x
oracle / jre | 1.8.0-update65 | 1.8.0-update65.x
apple / mac_os_x | - | 10.11.4
canonical / ubuntu_linux | 15.10 | 15.10.x
canonical / ubuntu_linux | 15.04 | 15.04.x
canonical / ubuntu_linux | 12.04 | 12.04.x
canonical / ubuntu_linux | 14.04 | 14.04.x