CVE-2011-2692
HIGHlibpng 1.0.0-1.0.54, 1.2.0-1.2.44, 1.4.0-1.4.7, 1.5.0-1.5.3 - Memory Corruption via Invalid sCAL Chunk Handling
Title source: llmDescription
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
References (28)
Core 28
Core References
Product x_refsource_confirm
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49660
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1103.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/48618
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45046
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1175-1
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=720612
Exploit, Issue Tracking, Third Party Advisory x_refsource_confirm
http://sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201206-15.xml
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45461
Product, Vendor Advisory x_refsource_confirm
http://www.libpng.org/pub/png/libpng.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2011/dsa-2287
Mailing List, Third Party Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45405
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45445
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1105.html
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45460
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/07/13/2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/68536
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT5002
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45492
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT5281
Broken Link vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1104.html
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/819894
Mailing List, Third Party Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Broken Link third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/45415
Scores
CVSS v3
8.8
EPSS
0.0423
EPSS Percentile
89.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (8)
canonical/ubuntu_linux
8.04
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
10.10
canonical/ubuntu_linux
11.04
debian/debian_linux
5.0
debian/debian_linux
6.0
fedoraproject/fedora
14
libpng/libpng
1.0.0 - 1.0.55
Published
Jul 17, 2011
Tracked Since
Feb 18, 2026