CVE-2015-6673

Name: CVE-2015-6673
Creator: NVD / NIST
Published: 2017-09-20T18:29:01.25+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.91%

Last modified Jun 17, 2026

CVE-2015-6673 is a vulnerability of currently unknown severity. Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.. EPSS estimates a 1.91% chance of exploitation in the next 30 days.

Description

Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.

Metrics

EPSS Probability

1.91%

77.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-416

Affected Software

Vendor	Product	Versions
Libpgf	Libpgf	<= 6.14.12

References

http://www.openwall.com/lists/oss-security/2015/08/25/9Mailing List, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1251749Issue Tracking, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/12/msg00017.html
https://security-tracker.debian.org/tracker/CVE-2015-6673/Third Party Advisory
https://sourceforge.net/p/libpgf/code/147/Third Party Advisory
https://sourceforge.net/p/libpgf/code/148/Third Party Advisory
https://sourceforge.net/p/libpgf/code/HEAD/tree/trunk/libpgf/INSTALLThird Party Advisory
https://usn.ubuntu.com/4554-1/
http://www.openwall.com/lists/oss-security/2015/08/25/9Mailing List, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1251749Issue Tracking, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/12/msg00017.html
https://security-tracker.debian.org/tracker/CVE-2015-6673/Third Party Advisory
https://sourceforge.net/p/libpgf/code/147/Third Party Advisory
https://sourceforge.net/p/libpgf/code/148/Third Party Advisory
https://sourceforge.net/p/libpgf/code/HEAD/tree/trunk/libpgf/INSTALLThird Party Advisory
https://usn.ubuntu.com/4554-1/

Timeline

Published: Sep 20, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2015-6673?

Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32.

How severe is CVE-2015-6673?

Severity scoring for CVE-2015-6673 is pending analysis. The EPSS model estimates a 1.91% probability of exploitation in the next 30 days.

How do I fix CVE-2015-6673?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-6673?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST