CVE-2011-3026

CWE-190 — Integer Overflow CWE-122 — Heap-based Buffer Overflow15 documents6 sources

Severity

6.8MEDIUM

EPSS

43.2%

top 2.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple MAC OS X Apple MAC OS X Server +4 more

Timeline

PublishedFeb 16

Latest updateMay 13

Description

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages7 packages

▶NVDgoogle/chrome< 17.0.963.56

▶NVDapple/mac_os_x10.7.0 — 10.7.5+1

▶NVDapple/iphone_os< 6.0

▶NVDapple/mac_os_x_server10.7.0 — 10.7.5+1

▶NVDopensuse/opensuse11.4

🔴Vulnerability Details

GHSA

GHSA-9qqw-9qvw-hj9x: Integer overflow in libpng, as used in Google Chrome before 17↗2022-05-13

▶

CVEList

CVE-2011-3026: Integer overflow in libpng, as used in Google Chrome before 17↗2012-02-16

▶

📋Vendor Advisories

Red Hat

libpng: buffer overflow in png_inflate caused by invalid type conversions↗2012-03-08

▶

Ubuntu

Thunderbird vulnerability↗2012-02-17

▶

Ubuntu

Xulrunner vulnerability↗2012-02-17

▶

Ubuntu

Firefox vulnerability↗2012-02-17

▶

Red Hat

libpng: Heap buffer overflow in png_decompress_chunk (MFSA 2012-11)↗2012-02-16

▶

💬Community

Bugzilla

CVE-2012-3437 ImageMagick: Magick_png_malloc() size argument↗2012-07-28

▶

Bugzilla

CVE-2012-3438 GraphicsMagick: png_IM_malloc() size argument↗2012-07-28

▶

Bugzilla

CVE-2011-3026 thunderbird: libpng: Heap-buffer-overflow in png_decompress_chunk [fedora-all]↗2012-02-16

▶

Bugzilla

CVE-2011-3026 libpng: Heap-buffer-overflow in png_decompress_chunk [fedora-all]↗2012-02-16

▶

Bugzilla

CVE-2011-3026 firefox: libpng: Heap-buffer-overflow in png_decompress_chunk [fedora-all]↗2012-02-16

▶