Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
Configuration 10 (hide)
|
History
07 Nov 2023, 02:28
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2016-04-14 14:59
Updated : 2024-02-28 15:21
NVD link : CVE-2015-8540
Mitre link : CVE-2015-8540
CVE.ORG link : CVE-2015-8540
JSON object : View
Products Affected
redhat
- enterprise_linux_server_supplementary
- enterprise_linux_workstation_supplementary
- enterprise_linux_desktop_supplementary
- enterprise_linux_hpc_node
fedoraproject
- fedora
debian
- debian_linux
libpng
- libpng
CWE
CWE-189
Numeric Errors