CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html	Third Party Advisory
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-2594.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-2595.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-2596.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0055.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0056.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0057.html	Third Party Advisory
http://www.debian.org/security/2015/dsa-3399	Third Party Advisory
http://www.debian.org/security/2016/dsa-3507	Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/11/12/2	Mailing List Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	Third Party Advisory
http://www.securityfocus.com/bid/77568	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034142	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2815-1	Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1430	Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=560291	Issue Tracking Patch Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10148	Third Party Advisory
https://security.gentoo.org/glsa/201603-09	Third Party Advisory
https://security.gentoo.org/glsa/201611-08	Third Party Advisory
https://support.apple.com/HT206167	Third Party Advisory
http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html	Third Party Advisory
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html	Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html	Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-2594.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-2595.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-2596.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0055.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0056.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0057.html	Third Party Advisory
http://www.debian.org/security/2015/dsa-3399	Third Party Advisory
http://www.debian.org/security/2016/dsa-3507	Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/11/12/2	Mailing List Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html	Third Party Advisory
http://www.securityfocus.com/bid/77568	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034142	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2815-1	Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1430	Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=560291	Issue Tracking Patch Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10148	Third Party Advisory
https://security.gentoo.org/glsa/201603-09	Third Party Advisory
https://security.gentoo.org/glsa/201611-08	Third Party Advisory
https://support.apple.com/HT206167	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:21:::::::*
	cpe:2.3:o:fedoraproject:fedora:22:::::::*
	cpe:2.3:o:fedoraproject:fedora:23:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:opensuse:leap:42.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_server:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_server:12:sp1::::::

Configuration 4 (hide)

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 5 (hide)

OR	cpe:2.3:a:redhat:satellite:5.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 6 (hide)

AND

cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*

OR	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

Configuration 7 (hide)

OR	cpe:2.3:a:oracle:jdk:1.6.0:update105::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update91::::::
	cpe:2.3:a:oracle:jdk:1.8.0:update65::::::
	cpe:2.3:a:oracle:jdk:1.8.0:update66::::::
	cpe:2.3:a:oracle:jre:1.6.0:update105::::::
	cpe:2.3:a:oracle:jre:1.7.0:update91::::::
	cpe:2.3:a:oracle:jre:1.8.0:update65::::::
	cpe:2.3:a:oracle:jre:1.8.0:update66::::::
	cpe:2.3:o:oracle:linux:6:-::::::
	cpe:2.3:o:oracle:linux:7:-::::::
	cpe:2.3:o:oracle:solaris:11.3:::::::*

Configuration 8 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 9 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

History

21 Nov 2024, 02:38

13 May 2022, 14:57

Type	Values Removed	Values Added
CPE	cpe:2.3:a:oracle:jre:1.7.0:update_91:::::: cpe:2.3:a:oracle:jre:1.8.0:update_65:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_105:::::: cpe:2.3:a:oracle:jre:1.6.0:update_105:::::: cpe:2.3:a:oracle:jre:1.8.0:update_66:::::: cpe:2.3:a:oracle:jdk:1.7.0:update_91::::::	cpe:2.3:a:oracle:jdk:1.6.0:update105:::::: cpe:2.3:a:oracle:jre:1.8.0:update65:::::: cpe:2.3:a:oracle:jdk:1.7.0:update91:::::: cpe:2.3:a:oracle:jre:1.8.0:update66:::::: cpe:2.3:a:oracle:jre:1.6.0:update105:::::: cpe:2.3:a:oracle:jre:1.7.0:update91::::::

Information

Published : 2015-11-13 03:59

Updated : 2025-04-12 10:46

NVD link : CVE-2015-8126

Mitre link : CVE-2015-8126

CVE.ORG link : CVE-2015-8126

JSON object : View

Products Affected

apple

mac_os_x

suse

linux_enterprise_desktop
linux_enterprise_server

redhat

enterprise_linux_workstation
enterprise_linux_server_tus
satellite
enterprise_linux_server
enterprise_linux_desktop
enterprise_linux_server_aus
enterprise_linux
enterprise_linux_eus

oracle

jre
linux
jdk
solaris

canonical

ubuntu_linux

opensuse

leap
opensuse

fedoraproject

fedora

debian

debian_linux

libpng

libpng

CWE

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

{"id": "CVE-2015-8126", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-11-13T03:59:05.917", "references": [{"url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2594.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2595.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2596.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2015/dsa-3399", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.debian.org/security/2016/dsa-3507", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2015/11/12/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/77568", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1034142", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.ubuntu.com/usn/USN-2815-1", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2016:1430", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://code.google.com/p/chromium/issues/detail?id=560291", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10148", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/201603-09", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/201611-08", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/HT206167", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2594.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2595.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-2596.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2015/dsa-3399", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2016/dsa-3507", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openwall.com/lists/oss-security/2015/11/12/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/77568", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1034142", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-2815-1", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2016:1430", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://code.google.com/p/chromium/issues/detail?id=560291", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10148", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201603-09", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201611-08", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/HT206167", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de buffer en las funciones (1) png_set_PLTE y (2) png_get_PLTE en libpng en versiones anteriores a 1.0.64, 1.1.x y 1.2.x en versiones anteriores a 1.2.54, 1.3.x y 1.4.x en versiones anteriores a 1.4.17, 1.5.x en versiones anteriores a 1.5.24 y 1.6.x en versiones anteriores a 1.6.19 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de un valor bit-depth peque\u00f1o en un fragmento IHDR (tambi\u00e9n conocido como image header) en una imagen PNG."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A81951DF-BEF9-4145-B936-48C031617EA6", "versionEndExcluding": "1.0.64"}, {"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FE022C0-5EB8-4B1B-A378-120518DB4CDD", "versionEndExcluding": "1.2.54", "versionStartIncluding": "1.1.1"}, {"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A38EFE8E-7569-4DEC-B97C-89A2D3A61C38", "versionEndExcluding": "1.4.17", "versionStartIncluding": "1.3.0"}, {"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAACE97E-7BF2-485F-A129-1C27B936D392", "versionEndExcluding": "1.5.24", "versionStartIncluding": "1.5.0"}, {"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88EAB9A2-8A67-4AE7-BA39-73B219BE34CC", "versionEndExcluding": "1.6.19", "versionStartIncluding": "1.6.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85EA16E0-9261-45C4-840F-5366E9EAC5E1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "967EC28A-607F-48F4-AD64-5E3041C768F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "807C024A-F8E8-4B48-A349-4C68CD252CA1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F96E3779-F56A-45FF-BB3D-4980527D721E"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4840254-CC76-4113-BC61-360BD15582B9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0AD78A5-E3C8-4CF1-967C-7F934F9DAFE3"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B0EF44A-833C-4B9D-824A-5E0FFFBA8340"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update65:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05726B2D-17F9-4192-A570-979BA8F6676E"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6C77242-C6FB-4BED-BA51-E9477D64E311"}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CB263D7-6718-4BE2-8423-B25FD727915E"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB1CAC76-2414-43D0-917D-5C1E60438178"}, {"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update65:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D58FCAD-3374-40D1-ADD9-E830FC3B497A"}, {"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1475C6EC-E2F6-4881-A89E-FB75C1AD1F20"}, {"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876"}, {"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158"}, {"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A594A00-699D-4899-AEE5-E6B9B948FB62", "versionEndExcluding": "10.11.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

7.5 /10