Vulnerabilities > CVE-2015-2158 - Numeric Errors vulnerability in Pngcrush Project Pngcrush

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

pngcrush-project

CWE-189

NVD

Published: 2017-10-06

Updated: 2017-11-01

Summary

Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.

Vulnerable Configurations

Part	Description	Count
Application	Pngcrush_Project Pngcrush Project Pngcrush 1.1.4 Pngcrush Project Pngcrush 1.1.5 Pngcrush Project Pngcrush 1.1.6 Pngcrush Project Pngcrush 1.1.7 Pngcrush Project Pngcrush 1.1.8 Pngcrush Project Pngcrush 1.2.0 Pngcrush Project Pngcrush 1.2.1 Pngcrush Project Pngcrush 1.3.0 Pngcrush Project Pngcrush 1.3.1 Pngcrush Project Pngcrush 1.3.2 Pngcrush Project Pngcrush 1.3.3 Pngcrush Project Pngcrush 1.3.4 Pngcrush Project Pngcrush 1.3.5 Pngcrush Project Pngcrush 1.3.6 Pngcrush Project Pngcrush 1.4.0 Pngcrush Project Pngcrush 1.4.1 Pngcrush Project Pngcrush 1.4.2 Pngcrush Project Pngcrush 1.4.3 Pngcrush Project Pngcrush 1.4.4 Pngcrush Project Pngcrush 1.4.5 Pngcrush Project Pngcrush 1.4.6 Pngcrush Project Pngcrush 1.4.7 Pngcrush Project Pngcrush 1.4.8 Pngcrush Project Pngcrush 1.5.0 Pngcrush Project Pngcrush 1.5.1 Pngcrush Project Pngcrush 1.5.2 Pngcrush Project Pngcrush 1.5.3 Pngcrush Project Pngcrush 1.5.4 Pngcrush Project Pngcrush 1.5.5 Pngcrush Project Pngcrush 1.5.6 Pngcrush Project Pngcrush 1.5.7 Pngcrush Project Pngcrush 1.5.8 Pngcrush Project Pngcrush 1.5.9 Pngcrush Project Pngcrush 1.5.10 Pngcrush Project Pngcrush 1.6.0 Pngcrush Project Pngcrush 1.6.1 Pngcrush Project Pngcrush 1.6.2 Pngcrush Project Pngcrush 1.6.3 Pngcrush Project Pngcrush 1.6.4 Pngcrush Project Pngcrush 1.6.5 Pngcrush Project Pngcrush 1.6.6 Pngcrush Project Pngcrush 1.6.7 Pngcrush Project Pngcrush 1.6.8 Pngcrush Project Pngcrush 1.6.9 Pngcrush Project Pngcrush 1.6.10 Pngcrush Project Pngcrush 1.6.11 Pngcrush Project Pngcrush 1.6.12 Pngcrush Project Pngcrush 1.6.14 Pngcrush Project Pngcrush 1.6.15 Pngcrush Project Pngcrush 1.6.16 Pngcrush Project Pngcrush 1.6.17 Pngcrush Project Pngcrush 1.6.18 Pngcrush Project Pngcrush 1.6.19 Pngcrush Project Pngcrush 1.6.20 Pngcrush Project Pngcrush 1.7.0 Pngcrush Project Pngcrush 1.7.1 Pngcrush Project Pngcrush 1.7.2 Pngcrush Project Pngcrush 1.7.3 Pngcrush Project Pngcrush 1.7.4 Pngcrush Project Pngcrush 1.7.5 Pngcrush Project Pngcrush 1.7.6 Pngcrush Project Pngcrush 1.7.7 Pngcrush Project Pngcrush 1.7.8 Pngcrush Project Pngcrush 1.7.9 Pngcrush Project Pngcrush 1.7.10 Pngcrush Project Pngcrush 1.7.11 Pngcrush Project Pngcrush 1.7.12 Pngcrush Project Pngcrush 1.7.13 Pngcrush Project Pngcrush 1.7.14 Pngcrush Project Pngcrush 1.7.15 Pngcrush Project Pngcrush 1.7.16 Pngcrush Project Pngcrush 1.7.17 Pngcrush Project Pngcrush 1.7.18 Pngcrush Project Pngcrush 1.7.19 Pngcrush Project Pngcrush 1.7.20 Pngcrush Project Pngcrush 1.7.21 Pngcrush Project Pngcrush 1.7.22 Pngcrush Project Pngcrush 1.7.23 Pngcrush Project Pngcrush 1.7.24 Pngcrush Project Pngcrush 1.7.25 Pngcrush Project Pngcrush 1.7.26 Pngcrush Project Pngcrush 1.7.27 Pngcrush Project Pngcrush 1.7.28 Pngcrush Project Pngcrush 1.7.29 Pngcrush Project Pngcrush 1.7.30 Pngcrush Project Pngcrush 1.7.31 Pngcrush Project Pngcrush 1.7.32 Pngcrush Project Pngcrush 1.7.33 Pngcrush Project Pngcrush 1.7.34 Pngcrush Project Pngcrush 1.7.35 Pngcrush Project Pngcrush 1.7.36 Pngcrush Project Pngcrush 1.7.37 Pngcrush Project Pngcrush 1.7.38 Pngcrush Project Pngcrush 1.7.39 Pngcrush Project Pngcrush 1.7.40 Pngcrush Project Pngcrush 1.7.41 Pngcrush Project Pngcrush 1.7.42 Pngcrush Project Pngcrush 1.7.43 Pngcrush Project Pngcrush 1.7.44 Pngcrush Project Pngcrush 1.7.45 Pngcrush Project Pngcrush 1.7.46 Pngcrush Project Pngcrush 1.7.47 Pngcrush Project Pngcrush 1.7.48 Pngcrush Project Pngcrush 1.7.49 Pngcrush Project Pngcrush 1.7.50 Pngcrush Project Pngcrush 1.7.51 Pngcrush Project Pngcrush 1.7.52 Pngcrush Project Pngcrush 1.7.53 Pngcrush Project Pngcrush 1.7.54 Pngcrush Project Pngcrush 1.7.55 Pngcrush Project Pngcrush 1.7.56 Pngcrush Project Pngcrush 1.7.57 Pngcrush Project Pngcrush 1.7.58 Pngcrush Project Pngcrush 1.7.59 Pngcrush Project Pngcrush 1.7.60 Pngcrush Project Pngcrush 1.7.61 Pngcrush Project Pngcrush 1.7.62 Pngcrush Project Pngcrush 1.7.63 Pngcrush Project Pngcrush 1.7.64 Pngcrush Project Pngcrush 1.7.65 Pngcrush Project Pngcrush 1.7.66 Pngcrush Project Pngcrush 1.7.67 Pngcrush Project Pngcrush 1.7.68 Pngcrush Project Pngcrush 1.7.69 Pngcrush Project Pngcrush 1.7.70 Pngcrush Project Pngcrush 1.7.71 Pngcrush Project Pngcrush 1.7.72 Pngcrush Project Pngcrush 1.7.73 Pngcrush Project Pngcrush 1.7.74 Pngcrush Project Pngcrush 1.7.75 Pngcrush Project Pngcrush 1.7.76 Pngcrush Project Pngcrush 1.7.77 Pngcrush Project Pngcrush 1.7.78 Pngcrush Project Pngcrush 1.7.79 Pngcrush Project Pngcrush 1.7.80 Pngcrush Project Pngcrush 1.7.81 Pngcrush Project Pngcrush 1.7.82 Pngcrush Project Pngcrush 1.7.83	138

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References