Unknown
CVE-2015-8472
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
- apple,
- libpng
Products
- libpng 1.0.64,
- libpng 1.2.0,
- libpng 1.2.1,
- libpng 1.2.10,
- libpng 1.2.11,
- libpng 1.2.12,
- libpng 1.2.13,
- libpng 1.2.14,
- libpng 1.2.15,
- libpng 1.2.16,
- libpng 1.2.17,
- libpng 1.2.18,
- libpng 1.2.19,
- libpng 1.2.2,
- libpng 1.2.20,
- libpng 1.2.21,
- libpng 1.2.22,
- libpng 1.2.23,
- libpng 1.2.24,
- libpng 1.2.25,
- libpng 1.2.26,
- libpng 1.2.27,
- libpng 1.2.28,
- libpng 1.2.29,
- libpng 1.2.3,
- libpng 1.2.30,
- libpng 1.2.31,
- libpng 1.2.32,
- libpng 1.2.33,
- libpng 1.2.34,
- libpng 1.2.35,
- libpng 1.2.36,
- libpng 1.2.37,
- libpng 1.2.38,
- libpng 1.2.39,
- libpng 1.2.4,
- libpng 1.2.40,
- libpng 1.2.41,
- libpng 1.2.42,
- libpng 1.2.43,
- libpng 1.2.44,
- libpng 1.2.45,
- libpng 1.2.46,
- libpng 1.2.47,
- libpng 1.2.48,
- libpng 1.2.49,
- libpng 1.2.50,
- libpng 1.2.51,
- libpng 1.2.52,
- libpng 1.2.53,
- libpng 1.2.54,
- libpng 1.4.0,
- libpng 1.4.1,
- libpng 1.4.10,
- libpng 1.4.11,
- libpng 1.4.12,
- libpng 1.4.13,
- libpng 1.4.14,
- libpng 1.4.15,
- libpng 1.4.16,
- libpng 1.4.17,
- libpng 1.4.2,
- libpng 1.4.3,
- libpng 1.4.4,
- libpng 1.4.5,
- libpng 1.4.6,
- libpng 1.4.7,
- libpng 1.4.8,
- libpng 1.4.9,
- libpng 1.5.1,
- libpng 1.5.10,
- libpng 1.5.11,
- libpng 1.5.12,
- libpng 1.5.13,
- libpng 1.5.14,
- libpng 1.5.15,
- libpng 1.5.16,
- libpng 1.5.17,
- libpng 1.5.18,
- libpng 1.5.19,
- libpng 1.5.2,
- libpng 1.5.20,
- libpng 1.5.21,
- libpng 1.5.22,
- libpng 1.5.23,
- libpng 1.5.24,
- libpng 1.5.3,
- libpng 1.5.4,
- libpng 1.5.5,
- libpng 1.5.6,
- libpng 1.5.7,
- libpng 1.5.8,
- libpng 1.5.9,
- libpng 1.6.0,
- libpng 1.6.1,
- libpng 1.6.10,
- libpng 1.6.11,
- libpng 1.6.12,
- libpng 1.6.13,
- libpng 1.6.14,
- libpng 1.6.15,
- libpng 1.6.16,
- libpng 1.6.17,
- libpng 1.6.18,
- libpng 1.6.19,
- libpng 1.6.2,
- libpng 1.6.3,
- libpng 1.6.4,
- libpng 1.6.5,
- libpng 1.6.6,
- libpng 1.6.7,
- libpng 1.6.8,
- libpng 1.6.9,
- mac os x
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below: