Vulnerability CVE-2011-3045: Information

Description

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

Severity: MEDIUM (6.8)

URL: https://nvd.nist.gov/vuln/detail/CVE-2011-3045
Published: March 22, 2012
Modified: Nov. 7, 2023
Error type identifier: CWE-190

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
  • Release Notes
  • Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=116162
  • Vendor Advisory
http://src.chromium.org/viewvc/chrome?view=rev&revision=125311
  • Patch
  • Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=799000
  • Issue Tracking
  • Patch
  • Third Party Advisory
48485
  • Not Applicable
48512
  • Not Applicable
48554
  • Not Applicable
FEDORA-2012-3705
  • Mailing List
  • Third Party Advisory
48320
  • Not Applicable
openSUSE-SU-2012:0432
  • Mailing List
  • Third Party Advisory
FEDORA-2012-3739
  • Mailing List
  • Third Party Advisory
49660
  • Not Applicable
GLSA-201206-15
  • Third Party Advisory
1026823
  • Third Party Advisory
  • VDB Entry
RHSA-2012:0488
  • Third Party Advisory
oval:org.mitre.oval:def:14763
  • Third Party Advisory
MDVSA-2012:033
  • Not Applicable
FEDORA-2012-3536
  • Mailing List
  • Third Party Advisory
FEDORA-2012-3545
  • Mailing List
  • Third Party Advisory
FEDORA-2012-3605
  • Mailing List
  • Third Party Advisory
FEDORA-2012-3507
  • Mailing List
  • Third Party Advisory
DSA-2439
  • Third Party Advisory
RHSA-2012:0407
  • Third Party Advisory
openSUSE-SU-2012:0466
  • Mailing List
  • Third Party Advisory
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b

      1. Configuration 1

        cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
        End excliding
        17.0.963.83

        Configuration 2

        cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
        cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
        cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2:*:*:*:*:*:*:*
        cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
        cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
        cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
        cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*
        cpe:2.3:a:redhat:storage_for_public_cloud:2.0:*:*:*:*:*:*:*
        cpe:2.3:a:redhat:gluster_storage:2.0:*:*:*:*:*:*:*

        Configuration 3

        cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
        End excliding
        1.5.10
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.3
    Back to top