CVE-2015-8540
Published: 11 December 2015
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
(uses system libpng)
|
trusty |
Does not exist
(trusty was not-affected [uses system libpng])
|
|
upstream |
Needs triage
|
|
vivid |
Not vulnerable
(uses system libpng)
|
|
wily |
Not vulnerable
(uses system libpng)
|
|
firefox Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
(bundles libpng 1.6.18)
|
trusty |
Does not exist
(trusty was not-affected [bundles libpng 1.6.18])
|
|
upstream |
Not vulnerable
(bundles libpng 1.6.18)
|
|
vivid |
Not vulnerable
(bundles libpng 1.6.18)
|
|
wily |
Not vulnerable
(bundles libpng 1.6.18)
|
|
libpng Launchpad, Ubuntu, Debian |
precise |
Released
(1.2.46-3ubuntu4.2)
|
trusty |
Released
(1.2.50-1ubuntu2.14.04.2)
|
|
upstream |
Pending
(1.0.66, 1.2.56, 1.4.19, and 1.5.26)
|
|
vivid |
Released
(1.2.51-0ubuntu3.15.04.2)
|
|
wily |
Released
(1.2.51-0ubuntu3.15.10.2)
|
|
Patches: upstream: http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/ upstream: https://github.com/glennrp/libpng/commit/520b373ee53e92dce93917fea5a609b2a0291472 |
||
thunderbird Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
(bundles libpng 1.6.16)
|
trusty |
Does not exist
(trusty was not-affected [bundles libpng 1.6.16])
|
|
upstream |
Not vulnerable
(bundles libpng 1.6.16)
|
|
vivid |
Not vulnerable
(bundles libpng 1.6.16)
|
|
wily |
Not vulnerable
(bundles libpng 1.6.16)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |