ID CVE-2015-8126
Summary Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
References
Vulnerable Configurations
  • Apple Mac OS X 10.11.3
    cpe:2.3:o:apple:mac_os_x:10.11.3
  • libpng libpng 1.6.18
    cpe:2.3:a:libpng:libpng:1.6.18
CVSS
Base: 7.5 (as of 24-06-2016 - 12:54)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_42_1_4789-160306.NASL
    description Chromium was updated to 49.0.2623.75 to fix the following security issues: (boo#969333) - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free in Blink - CVE-2016-1635: Use-after-free in Blink - CVE-2016-1636: SRI Validation Bypass - CVE-2015-8126: Out-of-bounds access in libpng - CVE-2016-1637: Information Leak in Skia - CVE-2016-1638: WebAPI Bypass - CVE-2016-1639: Use-after-free in WebRTC - CVE-2016-1640: Origin confusion in Extensions UI - CVE-2016-1641: Use-after-free in Favicon - CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26) This plugin has been renamed to openSUSE-2016-664.nasl, plugin ID 90107.
    last seen 2017-10-29
    modified 2016-03-24
    plugin id 89721
    published 2016-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89721
    title openSUSE Security Update : 4789 (4789-1) (deprecated)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0098.NASL
    description Updated java-1.8.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All users of java-1.8.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 8 SR2-FP10 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 88554
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88554
    title RHEL 7 : java-1.8.0-ibm (RHSA-2016:0098) (SLOTH)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0099.NASL
    description Updated java-1.7.1-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All users of java-1.7.1-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7R1 SR3-FP30 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 88555
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88555
    title RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:0099) (SLOTH)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-2594.NASL
    description Updated libpng packages that fix three security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981) All libpng users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-09-09
    modified 2018-09-07
    plugin id 87305
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87305
    title RHEL 6 : libpng (RHSA-2015:2594)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2015-337-01.NASL
    description New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 87182
    published 2015-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87182
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : libpng (SSA:2015-337-01)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201611-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-201611-08 (libpng: Multiple vulnerabilities) Multiple vulnerabilities were found in libpng. Please review the referenced CVE’s for additional information. Impact : Remote attackers could cause a Denial of Service condition or have other unspecified impacts. Workaround : There is no known workaround at this time.
    last seen 2018-09-01
    modified 2017-01-13
    plugin id 94892
    published 2016-11-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94892
    title GLSA-201611-08 : libpng: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-39499D9AF8.NASL
    description Latest upstream release, includes fixes for security vulnerabilities: CVE-2015-7981, CVE-2015-8126, CVE-2015-8540 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-10-18
    plugin id 89213
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89213
    title Fedora 23 : libpng12-1.2.56-1.fc23 (2015-39499d9af8)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-106.NASL
    description java-1_8_0-openjdk was updated to version 7u95 to fix several security issues. (bsc#962743) The following vulnerabilities were fixed : - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions Includes the following fixes from the October 2015 update: (bsc#951376) - CVE-2015-4734: A remote user can exploit a flaw in the Embedded JGSS component to partially access data - CVE-2015-4803: A remote user can exploit a flaw in the JRockit JAXP component to cause partial denial of service conditions - CVE-2015-4805: A remote user can exploit a flaw in the Embedded Serialization component to gain elevated privileges - CVE-2015-4806: A remote user can exploit a flaw in the Java SE Embedded Libraries component to partially access and partially modify data - CVE-2015-4835: A remote user can exploit a flaw in the Embedded CORBA component to gain elevated privileges - CVE-2015-4842: A remote user can exploit a flaw in the Embedded JAXP component to partially access data - CVE-2015-4843: A remote user can exploit a flaw in the Java SE Embedded Libraries component to gain elevated privileges - CVE-2015-4844: A remote user can exploit a flaw in the Embedded 2D component to gain elevated privileges - CVE-2015-4860: A remote user can exploit a flaw in the Embedded RMI component to gain elevated privileges - CVE-2015-4872: A remote user can exploit a flaw in the JRockit Security component to partially modify data []. - CVE-2015-4881: A remote user can exploit a flaw in the Embedded CORBA component to gain elevated privileges - CVE-2015-4882: A remote user can exploit a flaw in the Embedded CORBA component to cause partial denial of service conditions - CVE-2015-4883: A remote user can exploit a flaw in the Embedded RMI component to gain elevated privileges - CVE-2015-4893: A remote user can exploit a flaw in the JRockit JAXP component to cause partial denial of service conditions - CVE-2015-4902: A remote user can exploit a flaw in the Java SE Deployment component to partially modify data - CVE-2015-4903: A remote user can exploit a flaw in the Embedded RMI component to partially access data - CVE-2015-4911: A remote user can exploit a flaw in the JRockit JAXP component to cause partial denial of service conditions - CVE-2015-4810: A local user can exploit a flaw in the Java SE Deployment component to gain elevated privileges - CVE-2015-4840: A remote user can exploit a flaw in the Embedded 2D component to partially access data - CVE-2015-4868: A remote user can exploit a flaw in the Java SE Embedded Libraries component to gain elevated privileges - CVE-2015-4901: A remote user can exploit a flaw in the JavaFX component to gain elevated privileges - CVE-2015-4906: A remote user can exploit a flaw in the JavaFX component to partially access data - CVE-2015-4908: A remote user can exploit a flaw in the JavaFX component to partially access data - CVE-2015-4916: A remote user can exploit a flaw in the JavaFX component to partially access data
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 88537
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88537
    title openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-106) (SLOTH)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-107.NASL
    description java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743) - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions The following bugs were fixed : - bsc#939523: java-1_7_0-openjdk-headless had X dependencies, move libjavagtk to full package
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 88538
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88538
    title openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-107) (SLOTH)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL81903701.NASL
    description Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126. (CVE-2015-8472)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 91331
    published 2016-05-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91331
    title F5 Networks BIG-IP : Libpng vulnerability (K81903701)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-43735C33A7.NASL
    description Update to 1.6.21 which fixes various CVE's Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 89527
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89527
    title Fedora 22 : mingw-libpng-1.6.21-1.fc22 (2016-43735c33a7)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-330.NASL
    description Chromium was updated to 49.0.2623.75 to fix the following security issues: (boo#969333) - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free in Blink - CVE-2016-1635: Use-after-free in Blink - CVE-2016-1636: SRI Validation Bypass - CVE-2015-8126: Out-of-bounds access in libpng - CVE-2016-1637: Information Leak in Skia - CVE-2016-1638: WebAPI Bypass - CVE-2016-1639: Use-after-free in WebRTC - CVE-2016-1640: Origin confusion in Extensions UI - CVE-2016-1641: Use-after-free in Favicon - CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26)
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 89912
    published 2016-03-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89912
    title openSUSE Security Update : Chromium (openSUSE-2016-330)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20151209_LIBPNG_ON_SL7_X.NASL
    description It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472)
    last seen 2018-09-01
    modified 2016-10-19
    plugin id 87585
    published 2015-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87585
    title Scientific Linux Security Update : libpng on SL7.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-2013-1.NASL
    description The libpng16 package was updated to fix the following security issue : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 86940
    published 2015-11-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86940
    title SUSE SLED12 / SLES12 Security Update : libpng16 (SUSE-SU-2015:2013-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-826.NASL
    description The libpng12 package was updated to fix the following security issues : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). - CVE-2015-7981: Fixed an out-of-bound read (bsc#952051).
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 87087
    published 2015-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87087
    title openSUSE Security Update : libpng12 (openSUSE-2015-826)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-115.NASL
    description java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743) - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions The following bugs were fixed : - bsc#939523: java-1_7_0-openjdk-headless had X dependencies, move libjavagtk to full package This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 88541
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88541
    title openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-115) (SLOTH)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-4AD4998D00.NASL
    description Security fix for CVE-2015-8126 (#1281757, #12812756) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-10-18
    plugin id 89236
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89236
    title Fedora 23 : libpng-1.6.17-3.fc23 (2015-4ad4998d00)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-28.NASL
    description This update fixes the following security issue : - CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2018-09-02
    modified 2016-03-21
    plugin id 88118
    published 2016-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88118
    title openSUSE Security Update : libpng16 (openSUSE-2016-28)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0636-1.NASL
    description This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937) : - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials - CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information - CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. - CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact - CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information - CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service - CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact - CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact The following bugs were fixed : - bsc#960402: resolve package conflicts in devel package Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-31
    plugin id 89657
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89657
    title SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0636-1) (SLOTH)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20151209_LIBPNG_ON_SL6_X.NASL
    description It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981)
    last seen 2018-09-01
    modified 2016-10-19
    plugin id 87308
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87308
    title Scientific Linux Security Update : libpng on SL6.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-233750B6AB.NASL
    description new upstream release 1.5.25 (#1288265) ---- Security fix CVE-2015-8126 (#1281756, #1282902) ---- new upstream release 1.5.24 (#1281632) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2016-10-18
    plugin id 89175
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89175
    title Fedora 22 : libpng15-1.5.25-1.fc22 (2015-233750b6ab)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-410.NASL
    description Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, information disclosure, denial of service and insecure cryptography. CVE-2015-7575 A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. CVE-2015-8126 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. CVE-2015-8472 Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126. CVE-2016-0402 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking. CVE-2016-0448 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX. CVE-2016-0466 It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. CVE-2016-0483 Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. CVE-2016-0494 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. For Debian 6 'Squeeze', these problems have been fixed in version 6b38-1.13.10-1~deb6u1. We recommend that you upgrade your openjdk-6 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-06
    plugin id 88580
    published 2016-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88580
    title Debian DLA-410-1 : openjdk-6 security update (SLOTH)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-2596.NASL
    description From Red Hat Security Advisory 2015:2596 : Updated libpng packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) All libpng users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen 2018-09-02
    modified 2018-07-25
    plugin id 87302
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87302
    title Oracle Linux 7 : libpng (ELSA-2015-2596)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-3461E976CB.NASL
    description The fix for CVE-8126 was incomplete in the previous 1.0.64 update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2016-10-18
    plugin id 89203
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89203
    title Fedora 22 : libpng10-1.0.65-1.fc22 (2015-3461e976cb)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-801.NASL
    description The libpng16 package was updated to fix the following security issues : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980).
    last seen 2018-09-02
    modified 2016-03-21
    plugin id 87081
    published 2015-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87081
    title openSUSE Security Update : libpng16 (openSUSE-2015-801)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0153.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Security fix for (CVE-2015-7981, CVE-2015-8126) - Resolves: #1283572
    last seen 2018-09-02
    modified 2018-07-24
    plugin id 87303
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87303
    title OracleVM 3.3 : libpng (OVMSA-2015-0153)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-902.NASL
    description This update fixes the following security issue : - CVE-2015-8126 Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980)
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 87445
    published 2015-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87445
    title openSUSE Security Update : libpng12 (openSUSE-2015-902)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-EC2DDD15D7.NASL
    description An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory (CVE-2015-7981). Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact (CVE-2015-8126). Also includes various other small bug fixes as detailed in the package changelog. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2016-03-21
    plugin id 89449
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89449
    title Fedora 22 : libpng10-1.0.64-1.fc22 (2015-ec2ddd15d7)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-8A1243DB75.NASL
    description libpng 1.6.19 release, fixing CVE-2015-8126 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 89313
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89313
    title Fedora 21 : mingw-libpng-1.6.19-1.fc21 (2015-8a1243db75)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2815-1.NASL
    description Mikulas Patocka discovered that libpng incorrectly handled certain large fields. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-3425) Qixue Xiao discovered that libpng incorrectly handled certain time values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause libpng to crash, leading to a denial of service. (CVE-2015-7981) It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. (CVE-2015-8126). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-08-03
    plugin id 86993
    published 2015-11-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86993
    title Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : libpng vulnerabilities (USN-2815-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-2594.NASL
    description From Red Hat Security Advisory 2015:2594 : Updated libpng packages that fix three security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981) All libpng users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-09-01
    modified 2018-07-25
    plugin id 87300
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87300
    title Oracle Linux 6 : libpng (ELSA-2015-2594)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0433-1.NASL
    description This update for java-1_7_0-ibm fixes the following issues by updating to 7.0-9.30 (bsc#963937) : - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials - CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information - CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. - CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact - CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information - CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service - CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact - CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact The following bugs were fixed : - bsc#960402: resolve package conflicts in devel package Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 88710
    published 2016-02-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88710
    title SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0433-1) (SLOTH)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL76930736.NASL
    description Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
    last seen 2018-09-01
    modified 2018-07-11
    plugin id 91436
    published 2016-06-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91436
    title F5 Networks BIG-IP : Libpng vulnerability (SOL76930736)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-664.NASL
    description Chromium was updated to 49.0.2623.75 to fix the following security issues: (boo#969333) - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free in Blink - CVE-2016-1635: Use-after-free in Blink - CVE-2016-1636: SRI Validation Bypass - CVE-2015-8126: Out-of-bounds access in libpng - CVE-2016-1637: Information Leak in Skia - CVE-2016-1638: WebAPI Bypass - CVE-2016-1639: Use-after-free in WebRTC - CVE-2016-1640: Origin confusion in Extensions UI - CVE-2016-1641: Use-after-free in Favicon - CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26)
    last seen 2018-09-02
    modified 2016-10-13
    plugin id 90107
    published 2016-03-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90107
    title openSUSE Security Update : Chromium (openSUSE-2016-664)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_1886E1958B8711E590E7B499BAEBFEAF.NASL
    description libpng reports : CVE for a vulnerability in libpng, all versions, in the png_set_PLTE/png_get_PLTE functions. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bit_depth less than 8. Some applications might read the bit depth from the IHDR chunk and allocate memory for a 2^N entry palette, while libpng can return a palette with up to 256 entries even when the bit depth is less than 8.
    last seen 2018-09-02
    modified 2016-10-19
    plugin id 86876
    published 2015-11-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86876
    title FreeBSD : libpng buffer overflow in png_set_PLTE (1886e195-8b87-11e5-90e7-b499baebfeaf)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0665-1.NASL
    description Chromium was updated to 49.0.2623.75 to fix the following security issues: (boo#969333) - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free in Blink - CVE-2016-1635: Use-after-free in Blink - CVE-2016-1636: SRI Validation Bypass - CVE-2015-8126: Out-of-bounds access in libpng - CVE-2016-1637: Information Leak in Skia - CVE-2016-1638: WebAPI Bypass - CVE-2016-1639: Use-after-free in WebRTC - CVE-2016-1640: Origin confusion in Extensions UI - CVE-2016-1641: Use-after-free in Favicon - CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 89775
    published 2016-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89775
    title SUSE SLES12 Security Update : Chromium (SUSE-SU-2016:0665-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0041-1.NASL
    description This update fixes the following security issue : - CVE-2015-8126 Possible buffer overflow vulnerabilities in png_get_PLTE and png_set_PLTE functions could cause a denial of service (application crash) or possibly have an unspecified impact [bsc#954980] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 87864
    published 2016-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87864
    title SUSE SLED12 / SLES12 Security Update : libpng15 (SUSE-SU-2016:0041-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0390-1.NASL
    description This update for java-1_8_0-ibm fixes the following security issues by updating to 8.0-2.10 (bsc#963937) : - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials - CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact - CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information - CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service - CVE-2016-0475: An unspecified vulnerability related to the Libraries component has partial confidentiality impact, partial integrity impact, and no availability impact - CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact - CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact The following bugs were fixed : - bsc#960402: resolve package conflicts in devel package Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-31
    plugin id 88692
    published 2016-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88692
    title SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2016:0390-1) (SLOTH)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-AC8100927A.NASL
    description Latest upstream release, includes fixes for security vulnerabilities: CVE-2015-7981, CVE-2015-8126, CVE-2015-8540 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-10-18
    plugin id 89365
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89365
    title Fedora 22 : libpng12-1.2.56-1.fc22 (2015-ac8100927a)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0256-1.NASL
    description java-1_8_0-openjdk was updated to version 7u95 to fix several security issues. (bsc#962743) The following vulnerabilities were fixed : - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-31
    plugin id 88453
    published 2016-01-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88453
    title SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:0256-1) (SLOTH)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0265-1.NASL
    description java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743) - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions The following bugs were fixed : - bsc#939523: java-1_7_0-openjdk-headless had X dependencies, move libjavagtk to full package Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 88485
    published 2016-01-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88485
    title SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0265-1) (SLOTH)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-110.NASL
    description Update OpenJDK to 7u95 / IcedTea 2.6.4 including the following fixes : - Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962, CVE-2016-0466: More general limits - S8137060: JMX memory management improvements - S8139012: Better font substitutions - S8139017, CVE-2016-0483: More stable image decoding - S8140543, CVE-2016-0494: Arrange font actions - S8143185: Cleanup for handling proxies - S8143941, CVE-2015-8126, CVE-2015-8472: Update splashscreen displays - S8144773, CVE-2015-7575: Further reduce use of MD5 (SLOTH) - S8142882, CVE-2015-4871: rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - Import of OpenJDK 7 u95 build 0 - S7167988: PKIX CertPathBuilder in reverse mode doesn't work if more than one trust anchor is specified - S8068761: [TEST_BUG] java/nio/channels/ServerSocketChannel/AdaptServerSocket. java failed with SocketTimeoutException - S8074068: Cleanup in src/share/classes/sun/security/x509/ - S8075773: jps running as root fails after the fix of JDK-8050807 - S8081297: SSL Problem with Tomcat - S8131181: Increment minor version of HSx for 7u95 and initialize the build number - S8132082: Let OracleUcrypto accept RSAPrivateKey - S8134605: Partial rework of the fix for 8081297 - S8134861: XSLT: Extension func call cause exception if namespace URI contains partial package name - S8135307: CompletionFailure thrown when calling FieldDoc.type, if the field's type is missing - S8138716: (tz) Support tzdata2015g - S8140244: Port fix of JDK-8075773 to MacOSX - S8141213: [Parfait]Potentially blocking function GetArrayLength called in JNI critical region at line 239 of jdk/src/share/native/sun/awt/image/jpeg/jpegdecoder.c in function GET_ARRAYS - S8141287: Add MD5 to jdk.certpath.disabledAlgorithms - Take 2 - S8142928: [TEST_BUG] sun/security/provider/certpath/ReverseBuilder/ReverseBui ld.java 8u71 failure - S8143132: L10n resource file translation update - S8144955: Wrong changes were pushed with 8143942 - S8145551: Test failed with Crash for Improved font lookups - S8147466: Add -fno-strict-overflow to IndicRearrangementProcessor{,2}.cpp - Backports - S8140244: Port fix of JDK-8075773 to AIX - S8133196, PR2712, RH1251935: HTTPS hostname invalid issue with InetAddress - S8140620, PR2710: Find and load default.sf2 as the default soundbank on Linux
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 88540
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88540
    title openSUSE Security Update : Java7 (openSUSE-2016-110) (SLOTH)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-9A1C707B10.NASL
    description Update to 1.6.21 which fixes various CVE's Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 89587
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89587
    title Fedora 23 : mingw-libpng-1.6.21-1.fc23 (2016-9a1c707b10)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0050-1.NASL
    description This update fixes the following security issue - CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-31
    plugin id 87866
    published 2016-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87866
    title SUSE SLED12 / SLES12 Security Update : libpng12 (SUSE-SU-2016:0050-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0431-1.NASL
    description This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937) - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials - CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information - CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. - CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact - CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information - CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service - CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact - CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact The following bugs were fixed : - bsc#960402: resolve package conflicts in devel package - bsc#960286: resolve package conflicts in the fonts subpackage Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-31
    plugin id 88709
    published 2016-02-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88709
    title SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0431-1) (SLOTH)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3399.NASL
    description Several vulnerabilities have been discovered in the libpng PNG library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2015-7981 Qixue Xiao discovered an out-of-bounds read vulnerability in the png_convert_to_rfc1123 function. A remote attacker can potentially take advantage of this flaw to cause disclosure of information from process memory. - CVE-2015-8126 Multiple buffer overflows were discovered in the png_set_PLTE and png_get_PLTE functions. A remote attacker can take advantage of this flaw to cause a denial of service (application crash) via a small bit-depth value in an IHDR (image header) chunk in a PNG image.
    last seen 2018-09-01
    modified 2018-07-10
    plugin id 86921
    published 2015-11-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86921
    title Debian DSA-3399-1 : libpng - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-501493D853.NASL
    description An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory (CVE-2015-7981). Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact (CVE-2015-8126). Also includes various other small bug fixes as detailed in the package changelog. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 89239
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89239
    title Fedora 21 : libpng10-1.0.64-1.fc21 (2015-501493d853)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-C80EC85542.NASL
    description new upstream release 1.5.25 (#1288265) ---- Security fix CVE-2015-8126 (#1281756, #1282902) ---- new upstream release 1.5.24 (#1281632) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-10-18
    plugin id 89405
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89405
    title Fedora 23 : libpng15-1.5.25-1.fc23 (2015-c80ec85542)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_GOOGLE_CHROME_49_0_2623_75.NASL
    description The version of Google Chrome installed on the remote Mac OS X host is prior to 49.0.2623.75. It is, therefore, affected by multiple vulnerabilities : - Multiple overflow conditions exist in the libpng library in the png_set_PLTE() and png_get_PLTE() functions due to improper handling of bit depths less than eight. A remote attacker can exploit this, via a specially crafted PNG image, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-8126) - An unspecified flaw exists in Blink that allows an attacker to bypass the same-origin policy. (CVE-2016-1630) - An unspecified flaw exists in the Pepper plugin that allows an attacker to bypass the same-origin policy. (CVE-2016-1631) - A bad cast flaw exists in the Extensions component that allows an attacker to have an unspecified impact. (CVE-2016-1632) - Multiple use-after-free errors exist in Blink. A remote attacker can exploit these issues to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1633, CVE-2016-1634, CVE-2016-1635) - An unspecified flaw exists that allows an attacker to bypass SRI validation. (CVE-2016-1636) - An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1637) - An unspecified flaw exists that allows an attacker to bypass the webAPI. (CVE-2016-1638) - A use-after-free error exists in WebRTC. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1639) - An unspecified origin confusion flaw exists in the Extensions UI that allows an attacker to have an unspecified impact. (CVE-2016-1640) - A use-after-free error exists in Favicon. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1641) - Multiple flaws exist that allow a remote attacker to execute arbitrary code. (CVE-2016-1642) - Multiple unspecified flaws exist in Google V8 in runetime-scopes.cc that allows an attacker to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-2843)
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 89686
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89686
    title Google Chrome < 49.0.2623.75 Multiple Vulnerabilities (Mac OS X)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-8C475F7169.NASL
    description The fix for CVE-8126 was incomplete in the previous 1.0.64 update. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-10-18
    plugin id 89317
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89317
    title Fedora 23 : libpng10-1.0.65-1.fc23 (2015-8c475f7169)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2016-002.NASL
    description The remote host is running a version of Mac OS X that is 10.9.5 or 10.10.5 and is missing Security Update 2016-002. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - Kernel - libxml2 - OpenSSH - Python - Tcl Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 90097
    published 2016-03-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90097
    title Mac OS X 10.9.5 / 10.10.5 Multiple Vulnerabilities (Security Update 2016-002)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201603-09.NASL
    description The remote host is affected by the vulnerability described in GLSA-201603-09 (Chromium: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Chromium web browser. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. Workaround : There is no known workaround at this time.
    last seen 2018-09-01
    modified 2016-10-10
    plugin id 89902
    published 2016-03-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89902
    title GLSA-201603-09 : Chromium: Multiple vulnerabilities
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3507.NASL
    description Several vulnerabilities have been discovered in the chromium web browser. - CVE-2015-8126 Joerg Bornemann discovered multiple buffer overflow issues in the libpng library. - CVE-2016-1630 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in Blink/Webkit. - CVE-2016-1631 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the Pepper Plugin API. - CVE-2016-1632 A bad cast was discovered. - CVE-2016-1633 cloudfuzzer discovered a use-after-free issue in Blink/Webkit. - CVE-2016-1634 cloudfuzzer discovered a use-after-free issue in Blink/Webkit. - CVE-2016-1635 Rob Wu discovered a use-after-free issue in Blink/Webkit. - CVE-2016-1636 A way to bypass SubResource Integrity validation was discovered. - CVE-2016-1637 Keve Nagy discovered an information leak in the skia library. - CVE-2016-1638 Rob Wu discovered a WebAPI bypass issue. - CVE-2016-1639 Khalil Zhani discovered a use-after-free issue in the WebRTC implementation. - CVE-2016-1640 Luan Herrera discovered an issue with the Extensions user interface. - CVE-2016-1641 Atte Kettunen discovered a use-after-free issue in the handling of favorite icons. - CVE-2016-1642 The chrome 49 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 JavaScript library, version 4.9.385.26.
    last seen 2018-09-01
    modified 2016-10-10
    plugin id 89697
    published 2016-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89697
    title Debian DSA-3507-1 : chromium-browser - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-1D87313B7C.NASL
    description An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially be exploited by a crafted PNG file to leak information from an application's memory (CVE-2015-7981). Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact (CVE-2015-8126). Also includes various other small bug fixes as detailed in the package changelog. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 89167
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89167
    title Fedora 23 : libpng10-1.0.64-1.fc23 (2015-1d87313b7c)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-2017-1.NASL
    description The libpng12-0 package was updated to fix the following security issues : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). - CVE-2015-7981: Fixed an out-of-bound read (bsc#952051). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 86941
    published 2015-11-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86941
    title SUSE SLED11 / SLES11 Security Update : libpng12-0 (SUSE-SU-2015:2017-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-5E52306C9C.NASL
    description Security fix for CVE-2015-8126 (#1281757, #1281756). Proper patch Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2016-03-21
    plugin id 89252
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89252
    title Fedora 23 : libpng-1.6.17-4.fc23 (2015-5e52306c9c)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0027-1.NASL
    description This update fixes the following security issue : - CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-31
    plugin id 87861
    published 2016-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87861
    title SUSE SLED12 / SLES12 Security Update : libpng16 (SUSE-SU-2016:0027-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0269-1.NASL
    description java-1_7_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743) - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-07-31
    plugin id 88486
    published 2016-01-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88486
    title SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0269-1) (SLOTH)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-97FC1797FA.NASL
    description libpng 1.6.19 release, fixing CVE-2015-8126 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2016-03-21
    plugin id 89331
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89331
    title Fedora 22 : mingw-libpng-1.6.19-1.fc22 (2015-97fc1797fa)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2015-2595.NASL
    description From Red Hat Security Advisory 2015:2595 : Updated libpng12 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng12 packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981) All libpng12 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-09-01
    modified 2018-07-25
    plugin id 87301
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87301
    title Oracle Linux 7 : libpng12 (ELSA-2015-2595)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-31.NASL
    description This update fixes the following security issue : - CVE-2015-8126 Possible buffer overflow vulnerabilities in png_get_PLTE and png_set_PLTE functions could cause a denial of service (application crash) or possibly have an unspecified impact [bsc#954980] This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 88121
    published 2016-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88121
    title openSUSE Security Update : libpng15 (openSUSE-2016-31)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-754.NASL
    description This update for vlc to 2.2.4 to fix the following security issue : - CVE-2016-5108: Fix out-of-bound write in adpcm QT IMA codec (boo#984382). This also include an update of codecs and libraries to fix these 3rd party security issues : - CVE-2016-1514: Matroska libebml EbmlUnicodeString Heap Information Leak - CVE-2016-1515: Matroska libebml Multiple ElementList Double Free Vulnerabilities - CVE-2015-7981: The png_convert_to_rfc1123 function in png.c in libpng allowed remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read (bsc#952051). - CVE-2015-8126: Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image (bsc#954980).
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 91772
    published 2016-06-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91772
    title openSUSE Security Update : vlc (openSUSE-2016-754)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0770-1.NASL
    description This update for java-1_6_0-ibm fixes the following issues by updating to 6.0-16.20 (bsc#963937) - CVE-2015-5041: Could could have invoked non-public interface methods under certain circumstances - CVE-2015-7575: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials - CVE-2015-7981: libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information - CVE-2015-8126: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8472: buffer overflow in libpng caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions - CVE-2015-8540: libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. - CVE-2016-0402: An unspecified vulnerability related to the Networking component has no confidentiality impact, partial integrity impact, and no availability impact - CVE-2016-0448: An unspecified vulnerability related to the JMX component could allow a remote attacker to obtain sensitive information - CVE-2016-0466: An unspecified vulnerability related to the JAXP component could allow a remote attacker to cause a denial of service - CVE-2016-0483: An unspecified vulnerability related to the AWT component has complete confidentiality impact, complete integrity impact, and complete availability impact - CVE-2016-0494: An unspecified vulnerability related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact The following bugs were fixed : - bsc#960402: resolve package conflicts in devel package - bsc#960286: resolve package conflicts in the fonts subpackage Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 89961
    published 2016-03-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89961
    title SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0770-1) (SLOTH)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-30.NASL
    description This update fixes the following security issue - CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 88120
    published 2016-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88120
    title openSUSE Security Update : libpng12 (openSUSE-2016-30)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-802.NASL
    description The libpng12 package was updated to fix the following security issues : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). - CVE-2015-7981: Fixed an out-of-bound read (bsc#952051).
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 87082
    published 2015-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87082
    title openSUSE Security Update : libpng12 (openSUSE-2015-802)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0061-1.NASL
    description - security update: This update fixes the following securit issue : - CVE-2015-8126 Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact [bsc#954980] Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 87867
    published 2016-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87867
    title SUSE SLED11 / SLES11 Security Update : libpng12-0 (SUSE-SU-2016:0061-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2015-13668FFF74.NASL
    description libpng 1.6.19 release, fixing CVE-2015-8126 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 89152
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89152
    title Fedora 23 : mingw-libpng-1.6.19-1.fc23 (2015-13668fff74)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20151209_LIBPNG12_ON_SL7_X.NASL
    description It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981)
    last seen 2018-09-01
    modified 2016-10-19
    plugin id 87584
    published 2015-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87584
    title Scientific Linux Security Update : libpng12 on SL7.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2015-2024-1.NASL
    description The libpng12 package was updated to fix the following security issues : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980). - CVE-2015-7981: Fixed an out-of-bound read (bsc#952051). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-31
    plugin id 86942
    published 2015-11-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86942
    title SUSE SLED12 / SLES12 Security Update : libpng12 (SUSE-SU-2015:2024-1)
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_JAN_2016.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 71, 7 Update 95, or 6 Update 111. It is, therefore, affected by security vulnerabilities in the following components : - 2D - AWT - JAXP - JMX - Libraries - Networking - Security
    last seen 2018-09-01
    modified 2018-07-18
    plugin id 88045
    published 2016-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88045
    title Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0100.NASL
    description Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR9-FP30 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 88556
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88556
    title RHEL 5 : java-1.7.0-ibm (RHSA-2016:0100) (SLOTH)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0057.NASL
    description Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 111 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 88076
    published 2016-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88076
    title RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:0057)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-343.NASL
    description - CVE-2015-7981 Added a safety check in png_set_tIME() (Bug report from Qixue Xiao). - CVE-2015-8126 Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. - CVE-2012-3425 vulnerable code is not present here NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-07-06
    plugin id 86907
    published 2015-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86907
    title Debian DLA-343-1 : libpng security update
  • NASL family Windows
    NASL id GOOGLE_CHROME_49_0_2623_75.NASL
    description The version of Google Chrome installed on the remote Windows host is prior to 49.0.2623.75. It is, therefore, affected by multiple vulnerabilities : - Multiple overflow conditions exist in the libpng library in the png_set_PLTE() and png_get_PLTE() functions due to improper handling of bit depths less than eight. A remote attacker can exploit this, via a specially crafted PNG image, to cause a denial of service condition or the execution of arbitrary code. (CVE-2015-8126) - An unspecified flaw exists in Blink that allows an attacker to bypass the same-origin policy. (CVE-2016-1630) - An unspecified flaw exists in the Pepper plugin that allows an attacker to bypass the same-origin policy. (CVE-2016-1631) - A bad cast flaw exists in the Extensions component that allows an attacker to have an unspecified impact. (CVE-2016-1632) - Multiple use-after-free errors exist in Blink. A remote attacker can exploit these issues to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1633, CVE-2016-1634, CVE-2016-1635) - An unspecified flaw exists that allows an attacker to bypass SRI validation. (CVE-2016-1636) - An unspecified flaw exists that allows an attacker to disclose sensitive information. (CVE-2016-1637) - An unspecified flaw exists that allows an attacker to bypass the webAPI. (CVE-2016-1638) - A use-after-free error exists in WebRTC. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1639) - An unspecified origin confusion flaw exists in the Extensions UI that allows an attacker to have an unspecified impact. (CVE-2016-1640) - A use-after-free error exists in Favicon. A remote attacker can exploit this issue to dereference already freed memory, resulting in the execution of arbitrary code. (CVE-2016-1641) - Multiple flaws exist that allow a remote attacker to execute arbitrary code. (CVE-2016-1642) - Multiple unspecified flaws exist in Google V8 in runetime-scopes.cc that allows an attacker to cause a denial of service condition or the execution of arbitrary code. (CVE-2016-2843
    last seen 2018-09-02
    modified 2018-07-12
    plugin id 89685
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89685
    title Google Chrome < 49.0.2623.75 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0101.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR16-FP20 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 88557
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88557
    title RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:0101) (SLOTH)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-105.NASL
    description java-1_8_0-openjdk was updated to version 7u95 to fix 9 security issues. (bsc#962743) - CVE-2015-7575: Further reduce use of MD5 (SLOTH) (bsc#960996) - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same fix - CVE-2016-0402: Vulnerability in the Networking component related to URL processing - CVE-2016-0448: Vulnerability in the JMX comonent related to attribute processing - CVE-2016-0466: Vulnerability in the JAXP component, related to limits - CVE-2016-0483: Vulnerability in the AWT component related to image decoding - CVE-2016-0494: Vulnerability in 2D component related to font actions
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 88536
    published 2016-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88536
    title openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-105) (SLOTH)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-316.NASL
    description Chromium was updated to 49.0.2623.75 to fix the following security issues: (boo#969333) - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free in Blink - CVE-2016-1635: Use-after-free in Blink - CVE-2016-1636: SRI Validation Bypass - CVE-2015-8126: Out-of-bounds access in libpng - CVE-2016-1637: Information Leak in Skia - CVE-2016-1638: WebAPI Bypass - CVE-2016-1639: Use-after-free in WebRTC - CVE-2016-1640: Origin confusion in Extensions UI - CVE-2016-1641: Use-after-free in Favicon - CVE-2016-1642: Various fixes from internal audits, fuzzing and other initiatives - Multiple vulnerabilities in V8 fixed at the tip of the 4.9 branch (currently 4.9.385.26)
    last seen 2018-09-01
    modified 2016-10-13
    plugin id 89813
    published 2016-03-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89813
    title openSUSE Security Update : Chromium (openSUSE-2016-316)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_11_4.NASL
    description The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.4. It is, therefore, affected by multiple vulnerabilities in the following components : - apache_mod_php - AppleRAID - AppleUSBNetworking - Bluetooth - Carbon - dyld - FontParser - HTTPProtocol - Intel Graphics Driver - IOFireWireFamily - IOGraphics - IOHIDFamily - IOUSBFamily - Kernel - libxml2 - Messages - NVIDIA Graphics Drivers - OpenSSH - OpenSSL - Python - QuickTime - Reminders - Ruby - Security - Tcl - TrueTypeScaler - Wi-Fi Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen 2018-09-01
    modified 2018-07-14
    plugin id 90096
    published 2016-03-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90096
    title Mac OS X 10.11.x < 10.11.4 Multiple Vulnerabilities
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2015-611.NASL
    description Multiple buffer overflows in the png_set_PLTE and png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19, allowing remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image (CVE-2015-8126).
    last seen 2018-09-02
    modified 2018-04-18
    plugin id 87015
    published 2015-11-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87015
    title Amazon Linux AMI : libpng (ALAS-2015-611)
  • NASL family AIX Local Security Checks
    NASL id AIX_JAVA_JAN2016_ADVISORY.NASL
    description The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following components : - 2D - AWT - IBM J9 JVM - JAXP - JMX - Libraries - Networking - Security
    last seen 2018-09-01
    modified 2018-07-17
    plugin id 89053
    published 2016-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89053
    title AIX Java Advisory : java_jan2016_advisory.asc (January 2016 CPU) (SLOTH)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-2596.NASL
    description Updated libpng packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) All libpng users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen 2018-11-11
    modified 2018-11-10
    plugin id 87285
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87285
    title CentOS 7 : libpng (CESA-2015:2596)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-2596.NASL
    description Updated libpng packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) All libpng users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen 2018-10-18
    modified 2018-10-17
    plugin id 87307
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87307
    title RHEL 7 : libpng (RHSA-2015:2596)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-825.NASL
    description The libpng16 package was updated to fix the following security issue : - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions (bsc#954980).
    last seen 2018-09-01
    modified 2016-03-21
    plugin id 87086
    published 2015-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87086
    title openSUSE Security Update : libpng16 (openSUSE-2015-825)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-2595.NASL
    description Updated libpng12 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng12 packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981) All libpng12 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-10-18
    modified 2018-10-17
    plugin id 87306
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87306
    title RHEL 7 : libpng12 (RHSA-2015:2595)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-904.NASL
    description libpng16 was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-8126: previously fixed incompletely [boo#954980]
    last seen 2018-09-02
    modified 2016-03-21
    plugin id 87446
    published 2015-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87446
    title openSUSE Security Update : libpng16 (openSUSE-2015-904)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-0776-1.NASL
    description IBM Java was updated to version 6.0-16.20, fixing various security issues. More information can be found on http://www.i bm.com/developerworks/java/jdk/alerts/. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-06
    modified 2018-09-05
    plugin id 89989
    published 2016-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89989
    title SUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0776-1) (SLOTH)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0056.NASL
    description Updated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 95 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 88075
    published 2016-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88075
    title RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0056) (SLOTH)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-1430.NASL
    description An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449) Red Hat would like to thank Andrea Palazzo of Truel IT for reporting the CVE-2015-4806 issue.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 92400
    published 2016-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92400
    title RHEL 5 / 6 : java-1.7.0-ibm and java-1.7.1-ibm (RHSA-2016:1430) (SLOTH)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-2595.NASL
    description Updated libpng12 packages that fix three security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng12 packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981) All libpng12 users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-11-11
    modified 2018-11-10
    plugin id 87284
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87284
    title CentOS 7 : libpng12 (CESA-2015:2595)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2015-2594.NASL
    description Updated libpng packages that fix three security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981) All libpng users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2018-11-11
    modified 2018-11-10
    plugin id 87283
    published 2015-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=87283
    title CentOS 6 : libpng (CESA-2015:2594)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0055.NASL
    description Updated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2015-7575, CVE-2015-8126, CVE-2015-8472, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All users of java-1.8.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 8 Update 71 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.
    last seen 2018-09-07
    modified 2018-09-06
    plugin id 88074
    published 2016-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88074
    title RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0055) (SLOTH)
  • NASL family Misc.
    NASL id ORACLE_JAVA_CPU_JAN_2016_UNIX.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 71, 7 Update 95, or 6 Update 111. It is, therefore, affected by security vulnerabilities in the following components : - 2D - AWT - JAXP - JMX - Libraries - Networking - Security
    last seen 2018-09-01
    modified 2018-07-18
    plugin id 88046
    published 2016-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88046
    title Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH) (Unix)
redhat via4
advisories
  • rhsa
    id RHSA-2015:2594
  • rhsa
    id RHSA-2015:2595
  • rhsa
    id RHSA-2015:2596
  • rhsa
    id RHSA-2016:0055
  • rhsa
    id RHSA-2016:0056
  • rhsa
    id RHSA-2016:0057
  • rhsa
    id RHSA-2016:1430
rpms
  • libpng-2:1.2.49-2.el6_7
  • libpng-devel-2:1.2.49-2.el6_7
  • libpng-static-2:1.2.49-2.el6_7
  • libpng12-0:1.2.50-7.el7_2
  • libpng12-devel-0:1.2.50-7.el7_2
  • libpng-2:1.5.13-7.el7_2
  • libpng-devel-2:1.5.13-7.el7_2
  • libpng-static-2:1.5.13-7.el7_2
refmap via4
apple APPLE-SA-2016-03-21-5
bid 77568
confirm
debian
  • DSA-3399
  • DSA-3507
fedora
  • FEDORA-2015-13668fff74
  • FEDORA-2015-1d87313b7c
  • FEDORA-2015-233750b6ab
  • FEDORA-2015-4ad4998d00
  • FEDORA-2015-501493d853
  • FEDORA-2015-5e52306c9c
  • FEDORA-2015-8a1243db75
  • FEDORA-2015-97fc1797fa
  • FEDORA-2015-c80ec85542
  • FEDORA-2015-ec2ddd15d7
  • FEDORA-2016-43735c33a7
  • FEDORA-2016-9a1c707b10
gentoo
  • GLSA-201603-09
  • GLSA-201611-08
mlist [oss-security] 20151112 CVE request: libpng buffer overflow in png_set_PLTE
sectrack 1034142
suse
  • SUSE-SU-2016:0256
  • SUSE-SU-2016:0265
  • SUSE-SU-2016:0269
  • SUSE-SU-2016:0665
  • openSUSE-SU-2015:2099
  • openSUSE-SU-2015:2100
  • openSUSE-SU-2015:2135
  • openSUSE-SU-2015:2136
  • openSUSE-SU-2015:2262
  • openSUSE-SU-2015:2263
  • openSUSE-SU-2016:0103
  • openSUSE-SU-2016:0104
  • openSUSE-SU-2016:0105
  • openSUSE-SU-2016:0263
  • openSUSE-SU-2016:0268
  • openSUSE-SU-2016:0270
  • openSUSE-SU-2016:0272
  • openSUSE-SU-2016:0279
  • openSUSE-SU-2016:0664
  • openSUSE-SU-2016:0684
  • openSUSE-SU-2016:0729
ubuntu USN-2815-1
Last major update 07-12-2016 - 13:26
Published 12-11-2015 - 22:59
Last modified 30-06-2017 - 21:29
Back to Top