CVE-2011-2692

high

Description

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.

References

Advisories
More

https://exchange.xforce.ibmcloud.com/vulnerabilities/68536

https://bugzilla.redhat.com/show_bug.cgi?id=720612

http://www.ubuntu.com/usn/USN-1175-1

http://www.securityfocus.com/bid/48618

http://www.openwall.com/lists/oss-security/2011/07/13/2

http://www.kb.cert.org/vuls/id/819894

http://www.debian.org/security/2011/dsa-2287

http://support.apple.com/kb/HT5281

http://support.apple.com/kb/HT5002

http://security.gentoo.org/glsa/glsa-201206-15.xml

http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html

http://lists.apple.com/archives/security-announce/2012/May/msg00001.html

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

http://www.libpng.org/pub/png/libpng.html

http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339

Details

Source: Mitre, NVD

Published: 2011-07-17

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.06252