It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. (CVE-2015-8472)
Qixue Xiao and Chen Yu discovered that libpng incorrectly handled certain malformed images. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. (CVE-2015-8540)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.2.50-1ubuntu2.14.04.2", "binary_name": "libpng12-0" }, { "binary_version": "1.2.50-1ubuntu2.14.04.2", "binary_name": "libpng12-0-dbgsym" }, { "binary_version": "1.2.50-1ubuntu2.14.04.2", "binary_name": "libpng12-0-udeb" }, { "binary_version": "1.2.50-1ubuntu2.14.04.2", "binary_name": "libpng12-0-udeb-dbgsym" }, { "binary_version": "1.2.50-1ubuntu2.14.04.2", "binary_name": "libpng12-dev" }, { "binary_version": "1.2.50-1ubuntu2.14.04.2", "binary_name": "libpng3" } ] }