CVE-2011-2692

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.

References

http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html

http://secunia.com/advisories/45046

http://secunia.com/advisories/45405

http://secunia.com/advisories/45415

http://secunia.com/advisories/45445

http://secunia.com/advisories/45460

http://secunia.com/advisories/45461

http://secunia.com/advisories/45492

http://secunia.com/advisories/49660

http://security.gentoo.org/glsa/glsa-201206-15.xml

http://sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement

http://support.apple.com/kb/HT5002

http://support.apple.com/kb/HT5281

http://www.debian.org/security/2011/dsa-2287

http://www.kb.cert.org/vuls/id/819894

http://www.libpng.org/pub/png/libpng.html

http://www.mandriva.com/security/advisories?name=MDVSA-2011:151

http://www.openwall.com/lists/oss-security/2011/07/13/2

http://www.redhat.com/support/errata/RHSA-2011-1103.html

http://www.redhat.com/support/errata/RHSA-2011-1104.html

http://www.redhat.com/support/errata/RHSA-2011-1105.html

http://www.securityfocus.com/bid/48618

http://www.ubuntu.com/usn/USN-1175-1

https://bugzilla.redhat.com/show_bug.cgi?id=720612

https://exchange.xforce.ibmcloud.com/vulnerabilities/68536

Details

Source: MITRE

Published: 2011-07-17

Updated: 2020-08-06

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*

Tenable Plugins

View all (34 total)

IDNameProductFamilySeverity
124924EulerOS Virtualization 3.0.1.0 : libpng (EulerOS-SA-2019-1421)NessusHuawei Local Security Checks
high
75913openSUSE Security Update : libpng14 (libpng14-4949)NessusSuSE Local Security Checks
high
75911openSUSE Security Update : libpng12 (libpng12-4947)NessusSuSE Local Security Checks
high
75604openSUSE Security Update : libpng14 (libpng14-4949)NessusSuSE Local Security Checks
high
75603openSUSE Security Update : libpng12 (libpng12-4947)NessusSuSE Local Security Checks
high
68318Oracle Linux 6 : libpng (ELSA-2011-1105)NessusOracle Linux Local Security Checks
medium
68317Oracle Linux 5 : libpng (ELSA-2011-1104)NessusOracle Linux Local Security Checks
medium
68316Oracle Linux 4 : libpng (ELSA-2011-1103)NessusOracle Linux Local Security Checks
medium
61101Scientific Linux Security Update : libpng on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
medium
61100Scientific Linux Security Update : libpng on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
61099Scientific Linux Security Update : libpng on SL4.x i386/x86_64NessusScientific Linux Local Security Checks
medium
59668GLSA-201206-15 : libpng: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
59067Mac OS X Multiple Vulnerabilities (Security Update 2012-002) (BEAST)NessusMacOS X Local Security Checks
critical
57218SuSE 10 Security Update : libpng (ZYPP Patch Number 7670)NessusSuSE Local Security Checks
high
56529Mandriva Linux Security Advisory : libpng (MDVSA-2011:151)NessusMandriva Local Security Checks
medium
6039Mac OS X 10.7 < 10.7.2 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
56481Mac OS X Multiple Vulnerabilities (Security Update 2011-006)NessusMacOS X Local Security Checks
critical
56480Mac OS X 10.7.x < 10.7.2 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
56268CentOS 5 : libpng (CESA-2011:1104)NessusCentOS Local Security Checks
medium
55989Fedora 14 : mingw32-libpng-1.4.8-1.fc14 (2011-10954)NessusFedora Local Security Checks
medium
55987Fedora 15 : mingw32-libpng-1.4.8-1.fc15 (2011-10928)NessusFedora Local Security Checks
medium
55897SuSE 10 Security Update : libpng (ZYPP Patch Number 7669)NessusSuSE Local Security Checks
high
55896SuSE 11.1 Security Update : libpng (SAT Patch Number 4948)NessusSuSE Local Security Checks
high
55895SuSE9 Security Update : libpng (YOU Patch Number 12815)NessusSuSE Local Security Checks
high
55838CentOS 4 : libpng (CESA-2011:1103)NessusCentOS Local Security Checks
medium
55738Fedora 14 : libpng-1.2.46-1.fc14 (2011-9336)NessusFedora Local Security Checks
medium
55727RHEL 6 : libpng (RHSA-2011:1105)NessusRed Hat Local Security Checks
medium
55726RHEL 5 : libpng (RHSA-2011:1104)NessusRed Hat Local Security Checks
medium
55725RHEL 4 : libpng (RHSA-2011:1103)NessusRed Hat Local Security Checks
medium
55721Debian DSA-2287-1 : libpng - several vulnerabilitiesNessusDebian Local Security Checks
medium
55699Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : libpng vulnerabilities (USN-1175-1)NessusUbuntu Local Security Checks
medium
55655Fedora 14 : libpng10-1.0.55-1.fc14 (2011-8867)NessusFedora Local Security Checks
medium
55654Fedora 15 : libpng10-1.0.55-1.fc15 (2011-8844)NessusFedora Local Security Checks
medium
55612Fedora 15 : libpng-1.2.46-1.fc15 (2011-9343)NessusFedora Local Security Checks
medium