CVE-2011-3026

Google Chrome < 17.0.963.56 - Integer Overflow in libpng


Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-3026. PoCs published by argp.

AI-analyzed exploit summary: This repository contains a README describing an exploit for CVE-2011-3026 targeting Firefox on Linux/x86, as presented in a Black Hat 2012 talk. It references slide decks but does not include actual exploit code.

Description

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

Exploits (1)

nomisec WRITEUP 6 stars
by argp · poc
https://github.com/argp/cve-2011-3026-firefox

Classification: Writeup 90%
Attack Type: RCE
Complexity: Complex
Reliability: Theoretical
Target: Firefox (Linux/x86)
No auth needed
Prerequisites: Firefox on Linux/x86 · Knowledge of jemalloc memory allocator
devstral-2 · analyzed Feb 16, 2026

References (13)

Core References
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49660
Mailing List, Third Party Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT5503
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48110
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201206-15.xml
Exploit, Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=112822
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00023.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT5501
Release Notes, Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48016
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00020.html

Scores

EPSS 0.7316
EPSS Percentile 99.4%

Details

CWE: CWE-190
Status: published
Products (9)
apple/iphone_os < 6.0
apple/mac_os_x 10.6.8
apple/mac_os_x 10.7.0 - 10.7.5
apple/mac_os_x_server 10.6.8
apple/mac_os_x_server 10.7.0 - 10.7.5
google/chrome < 17.0.963.56
opensuse/opensuse 11.4
suse/linux_enterprise_server 11 sp1
suse/suse_linux_enterprise_server 11 sp1 (3 CPE variants)
Published Feb 16, 2012
Tracked Since Feb 18, 2026