
CVE-2015-8472

Disclosure Date: January 21, 2016

Description

Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.


CVSS V3 Severity and Metrics

Base Score: 7.3 High
Impact Score: 3.4
Exploitability Score: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low

General Information

Vendors

  • apple,
  • libpng

Products

  • libpng 1.0.64,
  • libpng 1.2.0,
  • libpng 1.2.1,
  • libpng 1.2.10,
  • libpng 1.2.11,
  • libpng 1.2.12,
  • libpng 1.2.13,
  • libpng 1.2.14,
  • libpng 1.2.15,
  • libpng 1.2.16,
  • libpng 1.2.17,
  • libpng 1.2.18,
  • libpng 1.2.19,
  • libpng 1.2.2,
  • libpng 1.2.20,
  • libpng 1.2.21,
  • libpng 1.2.22,
  • libpng 1.2.23,
  • libpng 1.2.24,
  • libpng 1.2.25,
  • libpng 1.2.26,
  • libpng 1.2.27,
  • libpng 1.2.28,
  • libpng 1.2.29,
  • libpng 1.2.3,
  • libpng 1.2.30,
  • libpng 1.2.31,
  • libpng 1.2.32,
  • libpng 1.2.33,
  • libpng 1.2.34,
  • libpng 1.2.35,
  • libpng 1.2.36,
  • libpng 1.2.37,
  • libpng 1.2.38,
  • libpng 1.2.39,
  • libpng 1.2.4,
  • libpng 1.2.40,
  • libpng 1.2.41,
  • libpng 1.2.42,
  • libpng 1.2.43,
  • libpng 1.2.44,
  • libpng 1.2.45,
  • libpng 1.2.46,
  • libpng 1.2.47,
  • libpng 1.2.48,
  • libpng 1.2.49,
  • libpng 1.2.50,
  • libpng 1.2.51,
  • libpng 1.2.52,
  • libpng 1.2.53,
  • libpng 1.2.54,
  • libpng 1.4.0,
  • libpng 1.4.1,
  • libpng 1.4.10,
  • libpng 1.4.11,
  • libpng 1.4.12,
  • libpng 1.4.13,
  • libpng 1.4.14,
  • libpng 1.4.15,
  • libpng 1.4.16,
  • libpng 1.4.17,
  • libpng 1.4.2,
  • libpng 1.4.3,
  • libpng 1.4.4,
  • libpng 1.4.5,
  • libpng 1.4.6,
  • libpng 1.4.7,
  • libpng 1.4.8,
  • libpng 1.4.9,
  • libpng 1.5.1,
  • libpng 1.5.10,
  • libpng 1.5.11,
  • libpng 1.5.12,
  • libpng 1.5.13,
  • libpng 1.5.14,
  • libpng 1.5.15,
  • libpng 1.5.16,
  • libpng 1.5.17,
  • libpng 1.5.18,
  • libpng 1.5.19,
  • libpng 1.5.2,
  • libpng 1.5.20,
  • libpng 1.5.21,
  • libpng 1.5.22,
  • libpng 1.5.23,
  • libpng 1.5.24,
  • libpng 1.5.3,
  • libpng 1.5.4,
  • libpng 1.5.5,
  • libpng 1.5.6,
  • libpng 1.5.7,
  • libpng 1.5.8,
  • libpng 1.5.9,
  • libpng 1.6.0,
  • libpng 1.6.1,
  • libpng 1.6.10,
  • libpng 1.6.11,
  • libpng 1.6.12,
  • libpng 1.6.13,
  • libpng 1.6.14,
  • libpng 1.6.15,
  • libpng 1.6.16,
  • libpng 1.6.17,
  • libpng 1.6.18,
  • libpng 1.6.19,
  • libpng 1.6.2,
  • libpng 1.6.3,
  • libpng 1.6.4,
  • libpng 1.6.5,
  • libpng 1.6.6,
  • libpng 1.6.7,
  • libpng 1.6.8,
  • libpng 1.6.9,
  • mac os x
