IBM Informix Genero < 2.41 png_decompress_chunk Integer Overflow

Medium Nessus Plugin ID 64379


The remote host has software installed that is potentially affected by an integer overflow vulnerability.


The installed version of IBM Informix Genero is earlier than 2.41 and is, therefore, potentially affected by an integer overflow vulnerability in the libpng library used by this application. When decompressing certain PNG image files, this could be exploited to crash the application or even execute arbitrary code.


Upgrade to IBM Informix Genero 2.41 or later.

See Also

Plugin Details

Severity: Medium

ID: 64379

File Name: ibm_informix_genero_2_41.nasl

Version: $Revision: 1.4 $

Type: local

Agent: windows

Family: Windows

Published: 2013/01/31

Modified: 2017/07/05

Dependencies: 64378

Risk Information

Risk Factor: Medium


Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:informix, x-cpe:/a:ibm:informix_genero

Required KB Items: SMB/IBM_Informix_Genero/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/02/16

Vulnerability Publication Date: 2012/02/16

Reference Information

CVE: CVE-2011-3026

BID: 52049

OSVDB: 79294