|
|
Subscribe / Log in / New account

libpng: memory overwrite

Package(s):libpng CVE #(s):CVE-2014-9495
Created:January 7, 2015 Updated:March 9, 2015
Description: From the Mageia advisory:

libpng versions 1.6.9 through 1.6.15 have an integer-overflow vulnerability in png_combine_row() when decoding very wide interlaced images, which can allow an attacker to overwrite an arbitrary amount of memory with arbitrary (attacker-controlled) data.

Alerts:
Mandriva MDVSA-2015:090 libpng 2015-03-28
Gentoo 201502-10 libpng 2015-02-15
Fedora FEDORA-2015-2830 libpng10 2015-03-09
openSUSE openSUSE-SU-2015:0161-1 libpng16 2015-01-28
SUSE SUSE-SU-2015:0092-1 libpng16 2015-01-20
Fedora FEDORA-2015-2863 libpng10 2015-03-09
Mageia MGASA-2015-0008 libpng 2015-01-07
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds