Anonymous | Login | 2024-05-19 15:47 CEST |
Main | My View | View Issues |
Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | |||||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | |||||||
0005259 | [libpng16_16] | major | N/A | 2015-11-15 02:05 | 2015-11-15 02:05 | |||||||
Reporter | jubal | View Status | public | |||||||||
Assigned To | ||||||||||||
Priority | normal | Resolution | open | Platform | ||||||||
Status | new | OS | ||||||||||
Projection | none | OS Version | ||||||||||
ETA | none | Product Build | ||||||||||
Summary | 0005259: Security -- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981 [^] | |||||||||||
Description |
Recent vulnerability in libpng - excerpt from their website: "Virtually all libpng versions through 1.6.18, 1.5.23, 1.4.16, 1.2.53, and 1.0.63, respectively, have a potential out-of-bounds read in png_set_tIME()/png_convert_to_rfc1123() and an out-of-bounds write in png_get_PLTE()/png_set_PLTE(). At least the former vulnerability has been assigned ID CVE-2015-7981. Both are fixed in versions 1.6.19, 1.5.24, 1.4.17, 1.2.54, and 1.0.64, released on 12 November 2015." |
|||||||||||
Steps To Reproduce | ||||||||||||
Additional Information | ||||||||||||
Tags | No tags attached. | |||||||||||
Attached Files | ||||||||||||
|
There are no notes attached to this issue. |
Copyright © 2000 - 2008 Mantis Group |