CVE

CVE-2011-2692
Date: (C)2011-07-17   (M)2018-06-11


The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.

CVSS Score and Metrics

CVSS V3 Severity:
CVSS Score:
Exploit Score:
Impact Score:

CVSS V2 Severity:
CVSS Score: 4.3
Exploit Score: 8.6
Impact Score: 2.9

CVSS V3 Metrics:
Attack Vector:
Attack Complexity:
Privileges Required:
User Interaction:
Scope:
Confidentiality:
Integrity:
Availability:

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECUNIA-45046
SECUNIA-45405
SECUNIA-45415
SECUNIA-45445
SECUNIA-45460
SECUNIA-45461
SECUNIA-45492
BID-48618
SECUNIA-49660
APPLE-SA-2011-10-12-3
APPLE-SA-2012-05-09-1
DSA-2287
FEDORA-2011-9336
GLSA-201206-15
MDVSA-2011:151
RHSA-2011:1103
RHSA-2011:1104
RHSA-2011:1105
USN-1175-1
VU#819894
http://www.openwall.com/lists/oss-security/2011/07/13/2
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339
http://sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement
http://support.apple.com/kb/HT5002
http://support.apple.com/kb/HT5281
http://www.libpng.org/pub/png/libpng.html
https://bugzilla.redhat.com/show_bug.cgi?id=720612
libpng-png-file-dos(68536)

CPE    105
cpe:/a:libpng:libpng:1.4.4
cpe:/a:libpng:libpng:1.4.3
cpe:/a:libpng:libpng:1.4.2
cpe:/a:libpng:libpng:1.4.1
...
CWE    1
CWE-119
OVAL    26
oval:org.secpod.oval:def:600598
oval:org.secpod.oval:def:700562
oval:org.secpod.oval:def:3148
oval:org.secpod.oval:def:5820
...

© SecPod Technologies