Vulnerability Description
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds read.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Ubuntu Linux | 12.04 |
| Debian | Debian Linux | 7.0 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Hpc Node | 7.0 |
| Redhat | Enterprise Linux Hpc Node Eus | 7.2 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Server Aus | 7.2 |
| Redhat | Enterprise Linux Server Eus | 7.2 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Libpng | Libpng | 1.0.0 |
Related Weaknesses (CWE)
References
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.h
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.h
- http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.h
- http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html
- http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html
- http://rhn.redhat.com/errata/RHSA-2015-2594.html
- http://rhn.redhat.com/errata/RHSA-2015-2595.html
- http://sourceforge.net/p/libpng/bugs/241/
- http://sourceforge.net/projects/libpng/files/libpng10/1.0.64/
- http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/Patch
- http://sourceforge.net/projects/libpng/files/libpng14/1.4.17/Exploit
- http://www.debian.org/security/2015/dsa-3399
- http://www.openwall.com/lists/oss-security/2015/10/26/1
- http://www.openwall.com/lists/oss-security/2015/10/26/3
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
FAQ
What is CVE-2015-7981?
CVE-2015-7981 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via craf...
How severe is CVE-2015-7981?
CVE-2015-7981 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-7981?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Debian Debian Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Hpc Node, Redhat Enterprise Linux Hpc Node Eus.