JVNDB-2015-005911
|
libpng �� png_set_PLTE ����� png_get_PLTE ���ɂ�����o�b�t�@�I�[�o�[�t���[�̐Ǝ㐫
|
|
ibpng �� (1) png_set_PLTE ����� (2) png_get_PLTE ���ɂ́A�o�b�t�@�I�[�o�[�t���[�̐Ǝ㐫�����݂��܂��B
|
|
CVSS v2 �ɂ��[���x
��{�l: 7.5 (�댯) [NVD�l]
- �U�����敪: �l�b�g���[�N
- �U�������̕��G��: ��
- �U���O�̔F�ؗv��: �s�v
- �@�����ւ̉e��(C): �����I
- ���S���ւ̉e��(I): �����I
- �p���ւ̉e��(A): �����I
|
|
|
PNG Development Group
- libpng 1.0.64 ����
- libpng 1.1.x
- libpng 1.2.54 ������ 1.2.x
- libpng 1.3.x
- libpng 1.4.17 ������ 1.4.x
- libpng 1.5.24 ������ 1.5.x
- libpng 1.6.19 ������ 1.6.x
�A�b�v��
- Apple Mac OS X 10.10.5
- Apple Mac OS X 10.11 ���� 10.11.3
�I���N��
- JDK 6 Update 105
- JDK 7 Update 91
- JDK 8 Update 66
- JRE 6 Update 105
- JRE 7 Update 91
- JRE 8 Update 66
- Oracle Java SE Embedded 8 Update 65
����
- Cosminexus Developer's Kit for Java(TM)
- Hitachi Application Server
- Hitachi Application Server for Developers
- Hitachi Developer's Kit for Java
- uCosminexus Application Server -R
- uCosminexus Application Server Express
- uCosminexus Application Server Light
- uCosminexus Application Server Standard-R
- uCosminexus Application Server Enterprise
- uCosminexus Application Server Smart Edition
- uCosminexus Application Server Standard
- uCosminexus Client
- uCosminexus Client for Plug-in
- uCosminexus Developer 01
- uCosminexus Developer Professional
- uCosminexus Developer Professional for Plug-in
- uCosminexus Developer Light
- uCosminexus Developer Standard
- uCosminexus Operator
- uCosminexus Primary Server Base
- uCosminexus Server Standard-R
- uCosminexus Service Architect
- uCosminexus Service Platform
- uCosminexus Service Platform - Messaging
|
�{�Ǝ㐫�̉e������ �������i�̏ڍׂɂ��ẮA�x���_��� HS16-003 �����m�F���������B
|
|
��O�҂ɂ��APNG �摜�� IHDR (�ʖ� �C���[�W�w�b�_) �`�����N�̉ߓx�ɏ����� bit-depth �l����āA�T�[�r�X�^�p�W�Q (�A�v���P�[�V�����N���b�V��) ��Ԃɂ����ȂǁA�s����̉e������\��������܂��B
|
|
�x���_��萳���ȑ��J����Ă��܂��B�x���_�����Q�Ƃ��ēK�ȑ�����{���Ă��������B
|
|
Google
PNG Development Group
�A�b�v��
�I���N��
�^�[�{���i�b�N�X
����
- Hitachi Software Vulnerability Information : HS16-003
- �\�t�g�E�F�A���i�Z�L�����e�B��� : HS16-003
�x�m��
|
|
- �ÓT�I�o�b�t�@�I�[�o�[�t���[(CWE-120) [NVD�]��]
|
|
- CVE-2015-8126
|
|
- JVN : JVNVU#97668313
- National Vulnerability Database (NVD) : CVE-2015-8126
- IPA �d�v�ȃZ�L�����e�B��� : Oracle Java �̐Ǝ㐫��ɂ���(CVE-2016-0494��)
- JPCERT ���ӊ��N : JPCERT-AT-2016-0005
- �֘A���� : CVE request: libpng buffer overflow in png_set_PLTE
|
|
- [2015�N11��16��]
�f��
[2016�N01��28��]
�e������V�X�e���F�x���_���̒lj��ɔ������e���X�V
�x���_���F�I���N�� (Text Form of Oracle Critical Patch Update - January 2016 Risk Matrices) ��lj�
�x���_���F�I���N�� (Oracle Critical Patch Update Advisory - January 2016) ��lj�
�x���_���F�I���N�� (January 2016 Critical Patch Update Released) ��lj�
�x���_���F�x�m�� (Oracle Corporation Java�v���O�C���̐Ǝ㐫�Ɋւ��邨�m�点) ��lj�
�Q�l���FIPA �d�v�ȃZ�L�����e�B��� (Oracle Java �̐Ǝ㐫��ɂ���(CVE-2016-0494��) ��lj�
�Q�l���FJPCERT ���ӊ��N (JPCERT-AT-2016-0005) ��lj�
[2016�N02��15��]
�e������V�X�e���F�x���_���̒lj��ɔ������e���X�V
�x���_���F���� (HS16-003) ��lj�
[2016�N03��29��]
�e������V�X�e���F�x���_���̒lj��ɔ������e���X�V
�x���_���F�A�b�v�� (HT206167) ��lj�
�x���_���F�A�b�v�� (APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002) ��lj�
�Q�l���FJVN (JVNVU#97668313) ��lj�
[2016�N03��31��]
�x���_���FGoogle (Issue 560291) ��lj�
�x���_���FGoogle (Stable Channel Update) ��lj�
[2016�N05��31��]
�x���_���F�^�[�{���i�b�N�X (TLSA-2016-11) ��lj�
|
