CVE-2015-0973 - High Severity Vulnerability
Vulnerable Library - dplus-browserfltk130s
Library home page: https://sourceforge.net/projects/dplus-browser/
Found in HEAD commit: 38c8615a6d0a047787b5e7401328782154ba03e4
Library Source Files (6)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /github-scanner-test/libpng/pngpriv.h
- /github-scanner-test/libpng/pngpread.c
- /github-scanner-test/libpng/pngread.c
- /github-scanner-test/libpng/pngwrite.c
- /github-scanner-test/libpng/pngrtran.c
- /github-scanner-test/libpng/pngrutil.c
Vulnerability Details
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.
Publish Date: 2015-01-18
URL: CVE-2015-0973
CVSS 2 Score Details (7.5)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-0973
Release Date: 2015-01-18
Fix Resolution: 1.5.21,1.6.16