8.8
CVE-2011-3045
- EPSS 3.57%
- Veröffentlicht 22.03.2012 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Gluster Storage Version2.0
Redhat ≫ Storage For Public Cloud Version2.0
Debian ≫ Debian Linux Version6.0
Fedoraproject ≫ Fedora Version15
Fedoraproject ≫ Fedora Version16
Fedoraproject ≫ Fedora Version17
Redhat ≫ Enterprise Linux Version5.0
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Linux Desktop Version5.0
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Server Aus Version6.2
Redhat ≫ Enterprise Linux Server Eus Version6.2
Redhat ≫ Enterprise Linux Workstation Version5.0
Redhat ≫ Enterprise Linux Workstation Version6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.57% | 0.879 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-190 Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
CWE-195 Signed to Unsigned Conversion Error
The product uses a signed primitive and performs a cast to an unsigned primitive, which can produce an unexpected value if the value of the signed primitive can not be represented using an unsigned primitive.
http://secunia.com/advisories/49660
http://security.gentoo.org/glsa/glsa-201206-15.xml
http://rhn.redhat.com/errata/RHSA-2012-0488.html
http://code.google.com/p/chromium/issues/detail?id=116162
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html
http://rhn.redhat.com/errata/RHSA-2012-0407.html
http://secunia.com/advisories/48320
http://secunia.com/advisories/48485
http://secunia.com/advisories/48512
http://secunia.com/advisories/48554
http://src.chromium.org/viewvc/chrome?view=rev&revision=125311
http://www.debian.org/security/2012/dsa-2439
http://www.mandriva.com/security/advisories?name=MDVSA-2012:033
http://www.securitytracker.com/id?1026823
https://bugzilla.redhat.com/show_bug.cgi?id=799000
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763