CVE-2011-3045: Integer Overflow
First published: Thu Mar 01 2012(Updated: )
A type conversion flaw leading to an out-of-bounds heap buffer read was found in the way libpng, a library of functions for manipulation PNG image format files, performed expansion of certain iCCP, iTXt, and zTXt PNG image file chunks. A remote attacker could provide a specially-crafted Portable Network Graphics (PNG) image file, which once opened in an application, linked against libpng, could lead to denial of service or in some cases, execution of arbitrary code with permission of the user running such an application. Upstream patch: <a href="http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b#patch3">http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b#patch3</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Chrome | <17.0.963.83 | |
| Fedoraproject Fedora | =17 | |
| Fedoraproject Fedora | =16 | |
| Redhat Enterprise Linux Server Aus | =6.2 | |
| Redhat Enterprise Linux | =6.0 | |
| Redhat Enterprise Linux Workstation | =5.0 | |
| Debian Debian Linux | =6.0 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Server Eus | =6.2 | |
| Fedoraproject Fedora | =15 | |
| Redhat Enterprise Linux | =5.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Redhat Enterprise Linux Desktop | =5.0 | |
| openSUSE openSUSE | =12.1 | |
| Redhat Storage | =2.0 | |
| Redhat Storage For Public Cloud | =2.0 | |
| Redhat Gluster Storage | =2.0 | |
| Libpng Libpng | <1.5.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
- http://code.google.com/p/chromium/issues/detail?id=116162
- http://src.chromium.org/viewvc/chrome?view=rev&revision=125311
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b
- https://bugzilla.redhat.com/show_bug.cgi?id=799000
- http://secunia.com/advisories/48485
- http://secunia.com/advisories/48512
- http://secunia.com/advisories/48554
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html
- http://secunia.com/advisories/48320
- http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html
- http://secunia.com/advisories/49660
- http://security.gentoo.org/glsa/glsa-201206-15.xml
- http://www.securitytracker.com/id?1026823
- http://rhn.redhat.com/errata/RHSA-2012-0488.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:033
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html
- http://www.debian.org/security/2012/dsa-2439
- http://rhn.redhat.com/errata/RHSA-2012-0407.html
- http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b
- http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b#patch3
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=801667
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=801665
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=801666
- https://rhn.redhat.com/errata/RHSA-2012-0407.html
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/type
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/event
- agent/tags
- agent/description
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-3045
- vendor/google
- canonical/google chrome
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/17
- version/fedoraproject fedora/16
- vendor/redhat
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/6.2
- canonical/redhat enterprise linux
- version/redhat enterprise linux/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/5.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/6.0
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server eus
- version/redhat enterprise linux server eus/6.2
- version/fedoraproject fedora/15
- version/redhat enterprise linux/5.0
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux desktop/5.0
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/12.1
- canonical/redhat storage
- version/redhat storage/2.0
- canonical/redhat storage for public cloud
- version/redhat storage for public cloud/2.0
- canonical/redhat gluster storage
- version/redhat gluster storage/2.0
- vendor/libpng
- canonical/libpng libpng