Vulnerabilities > CVE-2015-2158 - Numeric Errors vulnerability in Pngcrush Project Pngcrush

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

pngcrush-project

CWE-189

NVD

Published: 2017-10-06

Updated: 2017-11-01

Summary

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.

Vulnerable Configurations

Part	Description	Count
Application	Pngcrush_Project Pngcrush Project Pngcrush 1.1.4 Pngcrush Project Pngcrush 1.1.5 Pngcrush Project Pngcrush 1.1.6 Pngcrush Project Pngcrush 1.1.7 Pngcrush Project Pngcrush 1.1.8 Pngcrush Project Pngcrush 1.2.0 Pngcrush Project Pngcrush 1.2.1 Pngcrush Project Pngcrush 1.3.0 Pngcrush Project Pngcrush 1.3.1 Pngcrush Project Pngcrush 1.3.2 Pngcrush Project Pngcrush 1.3.3 Pngcrush Project Pngcrush 1.3.4 Pngcrush Project Pngcrush 1.3.5 Pngcrush Project Pngcrush 1.3.6 Pngcrush Project Pngcrush 1.4.0 Pngcrush Project Pngcrush 1.4.1 Pngcrush Project Pngcrush 1.4.2 Pngcrush Project Pngcrush 1.4.3 Pngcrush Project Pngcrush 1.4.4 Pngcrush Project Pngcrush 1.4.5 Pngcrush Project Pngcrush 1.4.6 Pngcrush Project Pngcrush 1.4.7 Pngcrush Project Pngcrush 1.4.8 Pngcrush Project Pngcrush 1.5.0 Pngcrush Project Pngcrush 1.5.1 Pngcrush Project Pngcrush 1.5.2 Pngcrush Project Pngcrush 1.5.3 Pngcrush Project Pngcrush 1.5.4 Pngcrush Project Pngcrush 1.5.5 Pngcrush Project Pngcrush 1.5.6 Pngcrush Project Pngcrush 1.5.7 Pngcrush Project Pngcrush 1.5.8 Pngcrush Project Pngcrush 1.5.9 Pngcrush Project Pngcrush 1.5.10 Pngcrush Project Pngcrush 1.6.0 Pngcrush Project Pngcrush 1.6.1 Pngcrush Project Pngcrush 1.6.2 Pngcrush Project Pngcrush 1.6.3 Pngcrush Project Pngcrush 1.6.4 Pngcrush Project Pngcrush 1.6.5 Pngcrush Project Pngcrush 1.6.6 Pngcrush Project Pngcrush 1.6.7 Pngcrush Project Pngcrush 1.6.8 Pngcrush Project Pngcrush 1.6.9 Pngcrush Project Pngcrush 1.6.10 Pngcrush Project Pngcrush 1.6.11 Pngcrush Project Pngcrush 1.6.12 Pngcrush Project Pngcrush 1.6.14 Pngcrush Project Pngcrush 1.6.15 Pngcrush Project Pngcrush 1.6.16 Pngcrush Project Pngcrush 1.6.17 Pngcrush Project Pngcrush 1.6.18 Pngcrush Project Pngcrush 1.6.19 Pngcrush Project Pngcrush 1.6.20 Pngcrush Project Pngcrush 1.7.0 Pngcrush Project Pngcrush 1.7.1 Pngcrush Project Pngcrush 1.7.2 Pngcrush Project Pngcrush 1.7.3 Pngcrush Project Pngcrush 1.7.4 Pngcrush Project Pngcrush 1.7.5 Pngcrush Project Pngcrush 1.7.6 Pngcrush Project Pngcrush 1.7.7 Pngcrush Project Pngcrush 1.7.8 Pngcrush Project Pngcrush 1.7.9 Pngcrush Project Pngcrush 1.7.10 Pngcrush Project Pngcrush 1.7.11 Pngcrush Project Pngcrush 1.7.12 Pngcrush Project Pngcrush 1.7.13 Pngcrush Project Pngcrush 1.7.14 Pngcrush Project Pngcrush 1.7.15 Pngcrush Project Pngcrush 1.7.16 Pngcrush Project Pngcrush 1.7.17 Pngcrush Project Pngcrush 1.7.18 Pngcrush Project Pngcrush 1.7.19 Pngcrush Project Pngcrush 1.7.20 Pngcrush Project Pngcrush 1.7.21 Pngcrush Project Pngcrush 1.7.22 Pngcrush Project Pngcrush 1.7.23 Pngcrush Project Pngcrush 1.7.24 Pngcrush Project Pngcrush 1.7.25 Pngcrush Project Pngcrush 1.7.26 Pngcrush Project Pngcrush 1.7.27 Pngcrush Project Pngcrush 1.7.28 Pngcrush Project Pngcrush 1.7.29 Pngcrush Project Pngcrush 1.7.30 Pngcrush Project Pngcrush 1.7.31 Pngcrush Project Pngcrush 1.7.32 Pngcrush Project Pngcrush 1.7.33 Pngcrush Project Pngcrush 1.7.34 Pngcrush Project Pngcrush 1.7.35 Pngcrush Project Pngcrush 1.7.36 Pngcrush Project Pngcrush 1.7.37 Pngcrush Project Pngcrush 1.7.38 Pngcrush Project Pngcrush 1.7.39 Pngcrush Project Pngcrush 1.7.40 Pngcrush Project Pngcrush 1.7.41 Pngcrush Project Pngcrush 1.7.42 Pngcrush Project Pngcrush 1.7.43 Pngcrush Project Pngcrush 1.7.44 Pngcrush Project Pngcrush 1.7.45 Pngcrush Project Pngcrush 1.7.46 Pngcrush Project Pngcrush 1.7.47 Pngcrush Project Pngcrush 1.7.48 Pngcrush Project Pngcrush 1.7.49 Pngcrush Project Pngcrush 1.7.50 Pngcrush Project Pngcrush 1.7.51 Pngcrush Project Pngcrush 1.7.52 Pngcrush Project Pngcrush 1.7.53 Pngcrush Project Pngcrush 1.7.54 Pngcrush Project Pngcrush 1.7.55 Pngcrush Project Pngcrush 1.7.56 Pngcrush Project Pngcrush 1.7.57 Pngcrush Project Pngcrush 1.7.58 Pngcrush Project Pngcrush 1.7.59 Pngcrush Project Pngcrush 1.7.60 Pngcrush Project Pngcrush 1.7.61 Pngcrush Project Pngcrush 1.7.62 Pngcrush Project Pngcrush 1.7.63 Pngcrush Project Pngcrush 1.7.64 Pngcrush Project Pngcrush 1.7.65 Pngcrush Project Pngcrush 1.7.66 Pngcrush Project Pngcrush 1.7.67 Pngcrush Project Pngcrush 1.7.68 Pngcrush Project Pngcrush 1.7.69 Pngcrush Project Pngcrush 1.7.70 Pngcrush Project Pngcrush 1.7.71 Pngcrush Project Pngcrush 1.7.72 Pngcrush Project Pngcrush 1.7.73 Pngcrush Project Pngcrush 1.7.74 Pngcrush Project Pngcrush 1.7.75 Pngcrush Project Pngcrush 1.7.76 Pngcrush Project Pngcrush 1.7.77 Pngcrush Project Pngcrush 1.7.78 Pngcrush Project Pngcrush 1.7.79 Pngcrush Project Pngcrush 1.7.80 Pngcrush Project Pngcrush 1.7.81 Pngcrush Project Pngcrush 1.7.82 Pngcrush Project Pngcrush 1.7.83	138

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References