What is the severity of CVE-2015-7981?

CVE-2015-7981 has been classified as a medium severity vulnerability.

How do I fix CVE-2015-7981?

To fix CVE-2015-7981, upgrade to a patched version of libpng that addresses this vulnerability.

What software is affected by CVE-2015-7981?

CVE-2015-7981 affects various versions of libpng and several distributions including Ubuntu 12.04, 14.04, and various Red Hat Enterprise Linux versions.

What type of vulnerability is CVE-2015-7981?

CVE-2015-7981 is categorized as an out-of-bounds read vulnerability.

Is CVE-2015-7981 exploitable?

Yes, CVE-2015-7981 may be exploited to cause information disclosure or application crashes under certain conditions.

Vulnerability/
CVE-2015-7981

medium

CWE

200

29/10/2015

24/11/2015

6/8/2024

CVE-2015-7981: Infoleak

First published: Thu Oct 29 2015(Updated: )

An out-of-bounds read in png_convert_to_rfc1123 in png.c was found. Upstream bug: <a href="http://sourceforge.net/p/libpng/bugs/241/">http://sourceforge.net/p/libpng/bugs/241/</a> Upstream patch: <a href="http://sourceforge.net/p/libpng/code/ci/fbf0f024346ca0a4ffc64b082a95c6b6bb6d29c4/">http://sourceforge.net/p/libpng/code/ci/fbf0f024346ca0a4ffc64b082a95c6b6bb6d29c4/</a> CVE assignment: <a href="http://seclists.org/oss-sec/2015/q4/161">http://seclists.org/oss-sec/2015/q4/161</a>

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Ubuntu	=12.04
Ubuntu	=14.04
Ubuntu	=15.04
Ubuntu	=15.10
Debian	=7.0
Debian	=8.0
Red Hat Enterprise Linux Desktop	=7.0
Red Hat Enterprise Linux HPC Node	=7.0
Red Hat Enterprise Linux HPC Node	=7.2
Red Hat Enterprise Linux Server	=7.0
Red Hat Enterprise Linux Server	=7.2
Red Hat Enterprise Linux Server	=7.2
Red Hat Enterprise Linux Workstation	=7.0
libp2p	=1.0.0
libp2p	=1.0.1
libp2p	=1.0.2
libp2p	=1.0.3
libp2p	=1.0.5
libp2p	=1.0.6
libp2p	=1.0.7
libp2p	=1.0.8
libp2p	=1.0.9
libp2p	=1.0.10
libp2p	=1.0.11
libp2p	=1.0.12
libp2p	=1.0.13
libp2p	=1.0.14
libp2p	=1.0.15
libp2p	=1.0.16
libp2p	=1.0.17
libp2p	=1.0.18
libp2p	=1.0.19
libp2p	=1.0.20
libp2p	=1.0.21
libp2p	=1.0.22
libp2p	=1.0.23
libp2p	=1.0.24
libp2p	=1.0.25
libp2p	=1.0.26
libp2p	=1.0.27
libp2p	=1.0.28
libp2p	=1.0.29
libp2p	=1.0.30
libp2p	=1.0.31
libp2p	=1.0.32
libp2p	=1.0.33
libp2p	=1.0.34
libp2p	=1.0.35
libp2p	=1.0.37
libp2p	=1.0.38
libp2p	=1.0.39
libp2p	=1.0.40
libp2p	=1.0.41
libp2p	=1.0.42
libp2p	=1.0.43
libp2p	=1.0.44
libp2p	=1.0.45
libp2p	=1.0.46
libp2p	=1.0.47
libp2p	=1.0.48
libp2p	=1.0.50
libp2p	=1.0.51
libp2p	=1.0.52
libp2p	=1.0.53
libp2p	=1.0.54
libp2p	=1.0.55
libp2p	=1.0.55-rc01
libp2p	=1.0.56
libp2p	=1.0.56-devel
libp2p	=1.0.57
libp2p	=1.0.57-rc01
libp2p	=1.0.58
libp2p	=1.0.59
libp2p	=1.0.60
libp2p	=1.0.61
libp2p	=1.0.62
libp2p	=1.0.63
libp2p	=1.2.0
libp2p	=1.2.1
libp2p	=1.2.2
libp2p	=1.2.3
libp2p	=1.2.4
libp2p	=1.2.5
libp2p	=1.2.6
libp2p	=1.2.7
libp2p	=1.2.8
libp2p	=1.2.9
libp2p	=1.2.10
libp2p	=1.2.11
libp2p	=1.2.12
libp2p	=1.2.13
libp2p	=1.2.14
libp2p	=1.2.15
libp2p	=1.2.16
libp2p	=1.2.17
libp2p	=1.2.18
libp2p	=1.2.19
libp2p	=1.2.20
libp2p	=1.2.21
libp2p	=1.2.22
libp2p	=1.2.23
libp2p	=1.2.24
libp2p	=1.2.25
libp2p	=1.2.26
libp2p	=1.2.27
libp2p	=1.2.28
libp2p	=1.2.29
libp2p	=1.2.30
libp2p	=1.2.31
libp2p	=1.2.32
libp2p	=1.2.33
libp2p	=1.2.34
libp2p	=1.2.35
libp2p	=1.2.36
libp2p	=1.2.37
libp2p	=1.2.38
libp2p	=1.2.39
libp2p	=1.2.40
libp2p	=1.2.41
libp2p	=1.2.42
libp2p	=1.2.43
libp2p	=1.2.43-devel
libp2p	=1.2.44
libp2p	=1.2.45
libp2p	=1.2.45-devel
libp2p	=1.2.46
libp2p	=1.2.46-devel
libp2p	=1.2.47
libp2p	=1.2.47-beta
libp2p	=1.2.48
libp2p	=1.2.48-betas
libp2p	=1.2.49
libp2p	=1.2.50
libp2p	=1.2.51
libp2p	=1.2.52
libp2p	=1.2.53
libp2p	=1.4.0
libp2p	=1.4.1
libp2p	=1.4.2
libp2p	=1.4.3
libp2p	=1.4.4
libp2p	=1.4.5
libp2p	=1.4.6
libp2p	=1.4.7
libp2p	=1.4.8
libp2p	=1.4.9
libp2p	=1.4.10
libp2p	=1.4.11
libp2p	=1.4.12
libp2p	=1.4.13
libp2p	=1.4.14
libp2p	=1.4.15
libp2p	=1.4.16
Red Hat Enterprise Linux Desktop	=6.0
Red Hat Enterprise Linux HPC Node	=6.0
Red Hat Enterprise Linux Server	=6.0
Red Hat Enterprise Linux Server	=6.7.z
Red Hat Enterprise Linux Workstation	=6.0

Remedy

http://sourceforge.net/projects/libpng/files/libpng12/1.2.54/

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-7981?
CVE-2015-7981 has been classified as a medium severity vulnerability.
How do I fix CVE-2015-7981?
To fix CVE-2015-7981, upgrade to a patched version of libpng that addresses this vulnerability.
What software is affected by CVE-2015-7981?
CVE-2015-7981 affects various versions of libpng and several distributions including Ubuntu 12.04, 14.04, and various Red Hat Enterprise Linux versions.
What type of vulnerability is CVE-2015-7981?
CVE-2015-7981 is categorized as an out-of-bounds read vulnerability.
Is CVE-2015-7981 exploitable?
Yes, CVE-2015-7981 may be exploited to cause information disclosure or application crashes under certain conditions.

agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2015-7981
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/last-modified-date
agent/author
agent/severity
agent/references
agent/event
agent/description
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/canonical
canonical/ubuntu
version/ubuntu/12.04
version/ubuntu/14.04
version/ubuntu/15.04
version/ubuntu/15.10
vendor/debian
canonical/debian
version/debian/7.0
version/debian/8.0
vendor/redhat
canonical/red hat enterprise linux desktop
version/red hat enterprise linux desktop/7.0
canonical/red hat enterprise linux hpc node
version/red hat enterprise linux hpc node/7.0
version/red hat enterprise linux hpc node/7.2
canonical/red hat enterprise linux server
version/red hat enterprise linux server/7.0
version/red hat enterprise linux server/7.2
canonical/red hat enterprise linux workstation
version/red hat enterprise linux workstation/7.0
vendor/libpng
canonical/libp2p
version/libp2p/1.0.0
version/libp2p/1.0.1
version/libp2p/1.0.2
version/libp2p/1.0.3
version/libp2p/1.0.5
version/libp2p/1.0.6
version/libp2p/1.0.7
version/libp2p/1.0.8
version/libp2p/1.0.9
version/libp2p/1.0.10
version/libp2p/1.0.11
version/libp2p/1.0.12
version/libp2p/1.0.13
version/libp2p/1.0.14
version/libp2p/1.0.15
version/libp2p/1.0.16
version/libp2p/1.0.17
version/libp2p/1.0.18
version/libp2p/1.0.19
version/libp2p/1.0.20
version/libp2p/1.0.21
version/libp2p/1.0.22
version/libp2p/1.0.23
version/libp2p/1.0.24
version/libp2p/1.0.25
version/libp2p/1.0.26
version/libp2p/1.0.27
version/libp2p/1.0.28
version/libp2p/1.0.29
version/libp2p/1.0.30
version/libp2p/1.0.31
version/libp2p/1.0.32
version/libp2p/1.0.33
version/libp2p/1.0.34
version/libp2p/1.0.35
version/libp2p/1.0.37
version/libp2p/1.0.38
version/libp2p/1.0.39
version/libp2p/1.0.40
version/libp2p/1.0.41
version/libp2p/1.0.42
version/libp2p/1.0.43
version/libp2p/1.0.44
version/libp2p/1.0.45
version/libp2p/1.0.46
version/libp2p/1.0.47
version/libp2p/1.0.48
version/libp2p/1.0.50
version/libp2p/1.0.51
version/libp2p/1.0.52
version/libp2p/1.0.53
version/libp2p/1.0.54
version/libp2p/1.0.55
version/libp2p/1.0.55-rc01
version/libp2p/1.0.56
version/libp2p/1.0.56-devel
version/libp2p/1.0.57
version/libp2p/1.0.57-rc01
version/libp2p/1.0.58
version/libp2p/1.0.59
version/libp2p/1.0.60
version/libp2p/1.0.61
version/libp2p/1.0.62
version/libp2p/1.0.63
version/libp2p/1.2.0
version/libp2p/1.2.1
version/libp2p/1.2.2
version/libp2p/1.2.3
version/libp2p/1.2.4
version/libp2p/1.2.5
version/libp2p/1.2.6
version/libp2p/1.2.7
version/libp2p/1.2.8
version/libp2p/1.2.9
version/libp2p/1.2.10
version/libp2p/1.2.11
version/libp2p/1.2.12
version/libp2p/1.2.13
version/libp2p/1.2.14
version/libp2p/1.2.15
version/libp2p/1.2.16
version/libp2p/1.2.17
version/libp2p/1.2.18
version/libp2p/1.2.19
version/libp2p/1.2.20
version/libp2p/1.2.21
version/libp2p/1.2.22
version/libp2p/1.2.23
version/libp2p/1.2.24
version/libp2p/1.2.25
version/libp2p/1.2.26
version/libp2p/1.2.27
version/libp2p/1.2.28
version/libp2p/1.2.29
version/libp2p/1.2.30
version/libp2p/1.2.31
version/libp2p/1.2.32
version/libp2p/1.2.33
version/libp2p/1.2.34
version/libp2p/1.2.35
version/libp2p/1.2.36
version/libp2p/1.2.37
version/libp2p/1.2.38
version/libp2p/1.2.39
version/libp2p/1.2.40
version/libp2p/1.2.41
version/libp2p/1.2.42
version/libp2p/1.2.43
version/libp2p/1.2.43-devel
version/libp2p/1.2.44
version/libp2p/1.2.45
version/libp2p/1.2.45-devel
version/libp2p/1.2.46
version/libp2p/1.2.46-devel
version/libp2p/1.2.47
version/libp2p/1.2.47-beta
version/libp2p/1.2.48
version/libp2p/1.2.48-betas
version/libp2p/1.2.49
version/libp2p/1.2.50
version/libp2p/1.2.51
version/libp2p/1.2.52
version/libp2p/1.2.53
version/libp2p/1.4.0
version/libp2p/1.4.1
version/libp2p/1.4.2
version/libp2p/1.4.3
version/libp2p/1.4.4
version/libp2p/1.4.5
version/libp2p/1.4.6
version/libp2p/1.4.7
version/libp2p/1.4.8
version/libp2p/1.4.9
version/libp2p/1.4.10
version/libp2p/1.4.11
version/libp2p/1.4.12
version/libp2p/1.4.13
version/libp2p/1.4.14
version/libp2p/1.4.15
version/libp2p/1.4.16
version/red hat enterprise linux desktop/6.0
version/red hat enterprise linux hpc node/6.0
version/red hat enterprise linux server/6.0
version/red hat enterprise linux server/6.7.z
version/red hat enterprise linux workstation/6.0