High severity7.8NVD Advisory· Published Oct 6, 2017· Updated Jun 17, 2026
CVE-2015-2158
CVE-2015-2158
Description
Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.7.84
Patches
Vulnerability mechanics
References
4- www.openwall.com/lists/oss-security/2015/03/01/1nvdMailing ListPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- sourceforge.net/p/pmt/news/2015/02/pngcrush-1784-released/nvdPatchThird Party Advisory
- www.securityfocus.com/bid/72830nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.