8.8

CVE-2011-2690

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LibpngLibpng Version >= 1.0.0 < 1.0.55
LibpngLibpng Version >= 1.2.0 < 1.2.45
LibpngLibpng Version >= 1.4.0 < 1.4.8
LibpngLibpng Version >= 1.5.0 < 1.5.4
FedoraprojectFedora Version14
DebianDebian Linux Version5.0
DebianDebian Linux Version6.0
CanonicalUbuntu Linux Version8.04
CanonicalUbuntu Linux Version10.04
CanonicalUbuntu Linux Version10.10
CanonicalUbuntu Linux Version11.04
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.29% 0.869
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

http://www.libpng.org/pub/png/libpng.html
Vendor Advisory
Product
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
Third Party Advisory
Mailing List
http://support.apple.com/kb/HT5002
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/45046
Broken Link
http://secunia.com/advisories/45405
Broken Link
http://secunia.com/advisories/45415
Broken Link
http://secunia.com/advisories/45460
Broken Link
http://secunia.com/advisories/45492
Broken Link
http://secunia.com/advisories/49660
Broken Link
http://security.gentoo.org/glsa/glsa-201206-15.xml
Third Party Advisory
http://www.debian.org/security/2011/dsa-2287
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-1105.html
Broken Link
http://www.ubuntu.com/usn/USN-1175-1
Third Party Advisory
http://secunia.com/advisories/45461
Broken Link
http://www.openwall.com/lists/oss-security/2011/07/13/2
Third Party Advisory
Mailing List
http://www.redhat.com/support/errata/RHSA-2011-1104.html
Broken Link
http://www.securityfocus.com/bid/48660
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=720607
Third Party Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/68538
Third Party Advisory
VDB Entry