CVE-2011-3026

Google Chrome < 17.0.963.56 - Integer Overflow

Title source: rule

Description

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

Exploits (1)

nomisec WRITEUP 6 stars

by argp · poc

https://github.com/argp/cve-2011-3026-firefox

View Code ZIP pw:eip

References (13)

Core 13

Core References

Not Applicable third-party-advisory x_refsource_secunia

http://secunia.com/advisories/49660

Mailing List, Third Party Advisory vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

Third Party Advisory x_refsource_confirm

http://support.apple.com/kb/HT5503

Not Applicable third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48110

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201206-15.xml

Third Party Advisory vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15032

Exploit, Vendor Advisory x_refsource_confirm

http://code.google.com/p/chromium/issues/detail?id=112822

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00023.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

Third Party Advisory x_refsource_confirm

http://support.apple.com/kb/HT5501

Release Notes, Vendor Advisory x_refsource_confirm

http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html

Not Applicable third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48016

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00020.html

Scores

EPSS 0.4317

EPSS Percentile 97.5%

Details

CWE

CWE-190

Status published

Products (9)

apple/iphone_os < 6.0

apple/mac_os_x 10.6.8

apple/mac_os_x 10.7.0 - 10.7.5

apple/mac_os_x_server 10.6.8

apple/mac_os_x_server 10.7.0 - 10.7.5

google/chrome < 17.0.963.56

opensuse/opensuse 11.4

suse/linux_enterprise_server 11 sp1

suse/suse_linux_enterprise_server 11 sp1 (3 CPE variants)

Published Feb 16, 2012

Tracked Since Feb 18, 2026