CVE-2015-6673 - Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.

CVE-2015-6673

Summary

Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.

References

Vulnerable Configurations

cpe:2.3:a:libpgf:libpgf:6.11.42:*:*:*:*:*:*:*
cpe:2.3:a:libpgf:libpgf:6.11.42:*:*:*:*:*:*:*
cpe:2.3:a:libpgf:libpgf:6.12.24:*:*:*:*:*:*:*
cpe:2.3:a:libpgf:libpgf:6.12.24:*:*:*:*:*:*:*
cpe:2.3:a:libpgf:libpgf:6.14.12:*:*:*:*:*:*:*
cpe:2.3:a:libpgf:libpgf:6.14.12:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

misc	https://bugzilla.redhat.com/show_bug.cgi?id=1251749 https://security-tracker.debian.org/tracker/CVE-2015-6673/ https://sourceforge.net/p/libpgf/code/147/ https://sourceforge.net/p/libpgf/code/148/ https://sourceforge.net/p/libpgf/code/HEAD/tree/trunk/libpgf/INSTALL
mlist	[debian-lts-announce] 20191215 [SECURITY] [DLA 2035-1] libpgf security update [oss-security] 20150825 Re: CVE request: libgpf: use-after-free vulnerability in Decoder.cpp
ubuntu	USN-4554-1

Last major update

05-10-2020 - 17:15

Published

20-09-2017 - 18:29

Last modified

05-10-2020 - 17:15