high
7.5
CWE
120 119
Advisory Published
CVE Published
Updated

CVE-2015-8126: Buffer Overflow

First published: Thu Nov 12 2015(Updated: )

Buffer overflow vulnerabilities in functions png_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to application or have unspecified other impact. These functions failed to check for an out-of-range palette when reading or writing PNG files with a bit_depth less than 8. Some applications might read the bit depth from the IHDR chunk and allocate memory for a 2^N entry palette, while libpng can return a palette with up to 256 entries even when the bit depth is less than 8. Affected versions of libpng are before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19. Upstream patches: <a href="https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766">https://github.com/glennrp/libpng/commit/81f44665cce4cb1373f049a76f3904e981b7a766</a> <a href="https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d">https://github.com/glennrp/libpng/commit/a901eb3ce6087e0afeef988247f1a1aa208cb54d</a> <a href="https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978">https://github.com/glennrp/libpng/commit/1bef8e97995c33123665582e57d3ed40b57d5978</a> <a href="https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466">https://github.com/glennrp/libpng/commit/83f4c735c88e7f451541c1528d8043c31ba3b466</a> <a href="https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324">https://github.com/glennrp/libpng/commit/9f2ad4928e47036cf1ac9b8fe45a491f15be2324</a> CVE assignment: <a href="http://seclists.org/oss-sec/2015/q4/264">http://seclists.org/oss-sec/2015/q4/264</a>

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
redhat/java<1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11
1.7.0-oracle-1:1.7.0.95-1jpp.1.el5_11
redhat/java<1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11
1.6.0-sun-1:1.6.0.111-1jpp.3.el5_11
redhat/java<1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7
1.8.0-oracle-1:1.8.0.71-1jpp.1.el6_7
redhat/java<1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7
1.7.0-oracle-1:1.7.0.95-1jpp.1.el6_7
redhat/java<1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7
1.6.0-sun-1:1.6.0.111-1jpp.3.el6_7
redhat/java<1.8.0-oracle-1:1.8.0.71-1jpp.1.el7
1.8.0-oracle-1:1.8.0.71-1jpp.1.el7
redhat/java<1.7.0-oracle-1:1.7.0.95-1jpp.2.el7
1.7.0-oracle-1:1.7.0.95-1jpp.2.el7
redhat/java<1.6.0-sun-1:1.6.0.111-1jpp.1.el7
1.6.0-sun-1:1.6.0.111-1jpp.1.el7
redhat/java<1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5
1.7.0-ibm-1:1.7.0.9.30-1jpp.1.el5
redhat/java<1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5
1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el5
redhat/libpng<2:1.2.49-2.el6_7
2:1.2.49-2.el6_7
redhat/java<1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7
1.7.1-ibm-1:1.7.1.3.30-1jpp.2.el6_7
redhat/java<1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7
1.6.0-ibm-1:1.6.0.16.20-1jpp.1.el6_7
redhat/libpng12<0:1.2.50-7.el7_2
0:1.2.50-7.el7_2
redhat/libpng<2:1.5.13-7.el7_2
2:1.5.13-7.el7_2
redhat/java<1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7
1.8.0-ibm-1:1.8.0.2.10-1jpp.1.el7
redhat/java<1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7
1.7.1-ibm-1:1.7.1.3.30-1jpp.1.el7
redhat/java<1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5
1.7.0-ibm-1:1.7.0.9.40-1jpp.1.el5
redhat/java<1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7
1.7.1-ibm-1:1.7.1.3.40-1jpp.1.el6_7
redhat/spacewalk-java<0:2.0.2-109.el6
0:2.0.2-109.el6
redhat/spacewalk-java<0:2.3.8-146.el6
0:2.3.8-146.el6
libpng<1.0.64
libpng>=1.1.1<1.2.54
libpng>=1.3.0<1.4.17
libpng>=1.5.0<1.5.24
libpng>=1.6.0<1.6.19
Fedora=21
Fedora=22
Fedora=23
openSUSE=42.1
openSUSE=13.1
openSUSE=13.2
SUSE Linux Enterprise Desktop with Beagle=11-sp3
SUSE Linux Enterprise Desktop with Beagle=11-sp4
SUSE Linux Enterprise Desktop with Beagle=12
SUSE Linux Enterprise Desktop with Beagle=12-sp1
SUSE Linux Enterprise Server=12
SUSE Linux Enterprise Server=12-sp1
Debian=7.0
Debian=8.0
Debian=9.0
redhat satellite=5.7
redhat enterprise Linux desktop=6.0
redhat enterprise Linux desktop=7.0
redhat enterprise Linux eus=6.7
redhat enterprise Linux eus=7.2
redhat enterprise Linux eus=7.3
redhat enterprise Linux eus=7.4
redhat enterprise Linux eus=7.5
redhat enterprise Linux eus=7.6
redhat enterprise Linux eus=7.7
redhat enterprise Linux server=6.0
redhat enterprise Linux server=7.0
redhat enterprise Linux server aus=7.2
redhat enterprise Linux server aus=7.3
redhat enterprise Linux server aus=7.4
redhat enterprise Linux server aus=7.6
redhat enterprise Linux server aus=7.7
redhat enterprise Linux server tus=7.2
redhat enterprise Linux server tus=7.3
redhat enterprise Linux server tus=7.6
redhat enterprise Linux server tus=7.7
redhat enterprise Linux workstation=6.0
redhat enterprise Linux workstation=7.0
redhat satellite=5.6
Red Hat Enterprise Linux=5.0
Red Hat Enterprise Linux=6.0
Oracle JDK 6=1.6.0-update105
Oracle JDK 6=1.7.0-update91
Oracle JDK 6=1.8.0-update65
Oracle JDK 6=1.8.0-update66
Oracle Java Runtime Environment (JRE)=1.6.0-update105
Oracle Java Runtime Environment (JRE)=1.7.0-update91
Oracle Java Runtime Environment (JRE)=1.8.0-update65
Oracle Java Runtime Environment (JRE)=1.8.0-update66
Oracle Linux=6
Oracle Linux=7
Oracle Solaris SPARC=11.3
Apple iOS and macOS<10.11.4
Ubuntu=12.04
Ubuntu=14.04
Ubuntu=15.04
Ubuntu=15.10

Remedy

https://code.google.com/p/chromium/issues/detail?id=560291

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is the severity of CVE-2015-8126?

    CVE-2015-8126 has a moderate severity level due to its potential to cause denial of service and unspecified impacts.

  • How do I fix CVE-2015-8126?

    To fix CVE-2015-8126, update affected software packages to the remedied versions specified in the vulnerability advisory.

  • What software is affected by CVE-2015-8126?

    CVE-2015-8126 affects various versions of the Java SDK and libpng across multiple operating systems.

  • Can CVE-2015-8126 lead to remote attacks?

    Yes, CVE-2015-8126 allows remote attackers to exploit buffer overflow vulnerabilities, potentially leading to crashes.

  • What is a buffer overflow in the context of CVE-2015-8126?

    In the context of CVE-2015-8126, a buffer overflow occurs when the png_get_PLTE and png_set_PLTE functions do not check for out-of-range palette data, which can lead to application instability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203