CVE-2011-2692

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
References
Link Resource
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html Mailing List Third Party Advisory
http://secunia.com/advisories/45046 Broken Link
http://secunia.com/advisories/45405 Broken Link
http://secunia.com/advisories/45415 Broken Link
http://secunia.com/advisories/45445 Broken Link
http://secunia.com/advisories/45460 Broken Link
http://secunia.com/advisories/45461 Broken Link
http://secunia.com/advisories/45492 Broken Link
http://secunia.com/advisories/49660 Broken Link
http://security.gentoo.org/glsa/glsa-201206-15.xml Third Party Advisory
http://sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement Exploit Issue Tracking Third Party Advisory
http://support.apple.com/kb/HT5002 Third Party Advisory
http://support.apple.com/kb/HT5281 Third Party Advisory
http://www.debian.org/security/2011/dsa-2287 Third Party Advisory
http://www.kb.cert.org/vuls/id/819894 Third Party Advisory US Government Resource
http://www.libpng.org/pub/png/libpng.html Product Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151 Broken Link
http://www.openwall.com/lists/oss-security/2011/07/13/2 Mailing List Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-1103.html Broken Link
http://www.redhat.com/support/errata/RHSA-2011-1104.html Broken Link
http://www.redhat.com/support/errata/RHSA-2011-1105.html Broken Link
http://www.securityfocus.com/bid/48618 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1175-1 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=720612 Issue Tracking Patch Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/68536 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-07-17 20:55

Updated : 2024-02-04 17:54


NVD link : CVE-2011-2692

Mitre link : CVE-2011-2692

CVE.ORG link : CVE-2011-2692


JSON object : View

Products Affected

debian

  • debian_linux

fedoraproject

  • fedora

libpng

  • libpng

canonical

  • ubuntu_linux
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer