OS X update for apache_mod_php (CVE-2015-8126)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | November 12, 2015 | March 29, 2016 | April 05, 2017 |
Description
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
Solution
apple-osx-security-update-2016-002Related Vulnerabilities
- ELSA-2015-2596 Moderate: Oracle Linux libpng security update
- RHSA-2015:2596: libpng security update
- RHSA-2015:2595: libpng12 security update
- Gentoo Linux: CVE-2015-8126: libpng: Multiple vulnerabilities
- Amazon Linux AMI: Security patch for libpng (ALAS-2015-611) (CVE-2015-8126)
- RHSA-2016:0101: java-1.6.0-ibm security update
- OS X update for Python (CVE-2015-8126)
- IBM AIX: java_jan2016_advisory (CVE-2015-8126): Vulnerability in IBM Java SDK affects AIX
- ELSA-2015-2595 Moderate: Oracle Linux libpng12 security update
- Debian: CVE-2015-8126: chromium-browser -- security update
- Oracle Solaris 11: CVE-2015-8126: Vulnerability in LibPNG
- FreeBSD: libpng buffer overflow in png_set_PLTE (Multiple CVEs)
- Java CPU January 2016 Java SE, Java SE Embedded AWT vulnerability (CVE-2015-8126)
- Ubuntu: USN-2815-1 (CVE-2015-8126): libpng vulnerabilities
- RHSA-2016:0099: java-1.7.1-ibm security update
- OS X update for Tcl (CVE-2015-8126)
- SUSE: CVE-2015-8126: SUSE Linux Security Advisory
- Alpine Linux: CVE-2015-8126: libpng Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions
- ELSA-2015-2594 Moderate: Oracle Linux libpng security update
- RHSA-2016:0100: java-1.7.0-ibm security update
- RHSA-2016:0098: java-1.8.0-ibm security update
- IBM Java: Oracle January 19 2016 CPU (CVE-2015-8126)
- F5 Networks: K76930736 (CVE-2015-8126): Libpng vulnerability CVE-2015-8126
- RHSA-2015:2594: libpng security update