CVE-2015-8472Classic Buffer Overflow in Libpng

CWE-120Classic Buffer OverflowCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer11 documents10 sources
Severity
7.3HIGHNVD
OSV7.5
EPSS
5.5%
top 9.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
LibpngDebian Libpng1.6Apple MAC OS X+3 more
Timeline
PublishedJan 21
Latest updateMay 17

Description

Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages7 packages

debiandebian/libpng1.6< libpng1.6 1.6.20-1 (bookworm)
Ubuntulibpng/libpng< 1.2.50-1ubuntu2.14.04.2
NVDlibpng/libpng113 versions+112
NVDapple/mac_os_x10.11.3

🔴Vulnerability Details

3
GHSA
GHSA-h5hh-r95x-mmfq: Buffer overflow in the png_set_PLTE function in libpng before 12022-05-17
OSV
CVE-2015-8472: Buffer overflow in the png_set_PLTE function in libpng before 12016-01-21
OSV
libpng vulnerabilities2016-01-06

📋Vendor Advisories

5
Microsoft
Buffer overflow in libpng allows remote attackers to cause a denial of service2016-01-12
Ubuntu
libpng vulnerabilities2016-01-06
Red Hat
libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions2015-11-12
Debian
CVE-2015-8472: libpng1.6 - Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and ...2015
Apple
CVE-2015-8472: OS X El Capitan v10.11.4 and Security Update 2016-002

📄Research Papers

1
arXiv
Magma: A Ground-Truth Fuzzing Benchmark2020-10-23

💬Community

1
Bugzilla
CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions2015-11-13