It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program. (CVE-2015-8472)
Qixue Xiao and Chen Yu discovered that libpng incorrectly handled certain malformed images. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service. (CVE-2015-8540)
{ "availability": "No subscription required", "binaries": [ { "libpng12-0-udeb-dbgsym": "1.2.50-1ubuntu2.14.04.2", "libpng12-0-dbgsym": "1.2.50-1ubuntu2.14.04.2", "libpng12-dev": "1.2.50-1ubuntu2.14.04.2", "libpng3": "1.2.50-1ubuntu2.14.04.2", "libpng12-0": "1.2.50-1ubuntu2.14.04.2", "libpng12-0-udeb": "1.2.50-1ubuntu2.14.04.2" } ] }