CVE-2015-7981

Impact:
Low
Public Date:
2015-10-22
CWE:
CWE-125
Bugzilla:
1276416: CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123
An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image.

Find out more about CVE-2015-7981 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 4
Base Metrics AV:N/AC:L/Au:S/C:P/I:N/A:N
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-ibm) RHSA-2016:0101 2016-02-02
Red Hat Enterprise Linux 6 (libpng) RHSA-2015:2594 2015-12-09
Red Hat Enterprise Linux 7 (libpng12) RHSA-2015:2595 2015-12-09
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.6.0-ibm) RHSA-2016:0101 2016-02-02
Red Hat Enterprise Linux Supplementary (v. 7) (java-1.7.1-ibm) RHSA-2016:0099 2016-02-02
Red Hat Satellite 5.6 (RHEL v.6) (java-1.7.1-ibm) RHSA-2016:1430 2016-07-18
Red Hat Satellite 5.7 (RHEL v.6) (java-1.7.1-ibm) RHSA-2016:1430 2016-07-18
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.7.1-ibm) RHSA-2016:0099 2016-02-02
Red Hat Satellite 5.6 (RHEL v.5) (java-1.7.0-ibm) RHSA-2016:1430 2016-07-18
Red Hat Enterprise Linux Supplementary 5 (java-1.7.0-ibm) RHSA-2016:0100 2016-02-02

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 libpng Not affected
Red Hat Enterprise Linux 5 libpng Will not fix
Red Hat Enterprise Linux 4 libpng10 Will not fix
Red Hat Enterprise Linux 4 libpng Will not fix
Last Modified