CVE-2011-3048

The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
libpnglibpng
1.0.0
libpnglibpng
1.0.1
libpnglibpng
1.0.2
libpnglibpng
1.0.3
libpnglibpng
1.0.5
libpnglibpng
1.0.6
libpnglibpng
1.0.7
libpnglibpng
1.0.8
libpnglibpng
1.0.9
libpnglibpng
1.0.10
libpnglibpng
1.0.11
libpnglibpng
1.0.12
libpnglibpng
1.0.13
libpnglibpng
1.0.14
libpnglibpng
1.0.15
libpnglibpng
1.0.16
libpnglibpng
1.0.17
libpnglibpng
1.0.18
libpnglibpng
1.0.19
libpnglibpng
1.0.20
libpnglibpng
1.0.21
libpnglibpng
1.0.22
libpnglibpng
1.0.23
libpnglibpng
1.0.24
libpnglibpng
1.0.25
libpnglibpng
1.0.26
libpnglibpng
1.0.27
libpnglibpng
1.0.28
libpnglibpng
1.0.29
libpnglibpng
1.0.30
libpnglibpng
1.0.31
libpnglibpng
1.0.32
libpnglibpng
1.0.33
libpnglibpng
1.0.34
libpnglibpng
1.0.35
libpnglibpng
1.0.37
libpnglibpng
1.0.38
libpnglibpng
1.0.39
libpnglibpng
1.0.40
libpnglibpng
1.0.41
libpnglibpng
1.0.42
libpnglibpng
1.0.43
libpnglibpng
1.0.44
libpnglibpng
1.0.45
libpnglibpng
1.0.46
libpnglibpng
1.0.47
libpnglibpng
1.0.48
libpnglibpng
1.0.50
libpnglibpng
1.0.51
libpnglibpng
1.0.52
libpnglibpng
1.0.53
libpnglibpng
1.0.54
libpnglibpng
1.0.55
libpnglibpng
1.0.55:rc01
libpnglibpng
1.0.56
libpnglibpng
1.0.56:devel
libpnglibpng
1.0.57
libpnglibpng
1.0.57:rc01
libpnglibpng
1.0.58
libpnglibpng
1.2.0
libpnglibpng
1.2.1
libpnglibpng
1.2.2
libpnglibpng
1.2.3
libpnglibpng
1.2.4
libpnglibpng
1.2.5
libpnglibpng
1.2.6
libpnglibpng
1.2.7
libpnglibpng
1.2.8
libpnglibpng
1.2.9
libpnglibpng
1.2.10
libpnglibpng
1.2.11
libpnglibpng
1.2.12
libpnglibpng
1.2.13
libpnglibpng
1.2.14
libpnglibpng
1.2.15
libpnglibpng
1.2.16
libpnglibpng
1.2.17
libpnglibpng
1.2.18
libpnglibpng
1.2.19
libpnglibpng
1.2.20
libpnglibpng
1.2.21
libpnglibpng
1.2.22
libpnglibpng
1.2.23
libpnglibpng
1.2.24
libpnglibpng
1.2.25
libpnglibpng
1.2.26
libpnglibpng
1.2.27
libpnglibpng
1.2.28
libpnglibpng
1.2.29
libpnglibpng
1.2.30
libpnglibpng
1.2.31
libpnglibpng
1.2.32
libpnglibpng
1.2.33
libpnglibpng
1.2.34
libpnglibpng
1.2.35
libpnglibpng
1.2.36
libpnglibpng
1.2.37
libpnglibpng
1.2.38
libpnglibpng
1.2.39
libpnglibpng
1.2.40
libpnglibpng
1.2.41
libpnglibpng
1.2.42
libpnglibpng
1.2.43
libpnglibpng
1.2.43:devel
libpnglibpng
1.2.44
libpnglibpng
1.2.45
libpnglibpng
1.2.45:devel
libpnglibpng
1.2.46
libpnglibpng
1.2.46:devel
libpnglibpng
1.2.47
libpnglibpng
1.2.47:beta
libpnglibpng
1.2.48
libpnglibpng
1.2.48:betas
libpnglibpng
1.4.0
libpnglibpng
1.4.1
libpnglibpng
1.4.2
libpnglibpng
1.4.3
libpnglibpng
1.4.4
libpnglibpng
1.4.5
libpnglibpng
1.4.6
libpnglibpng
1.4.7
libpnglibpng
1.4.8
libpnglibpng
1.4.9
libpnglibpng
1.4.10
libpnglibpng
1.5.0:beta
libpnglibpng
1.5.1
libpnglibpng
1.5.1:beta
libpnglibpng
1.5.2
libpnglibpng
1.5.2:beta
libpnglibpng
1.5.3:beta
libpnglibpng
1.5.4
libpnglibpng
1.5.4:beta
libpnglibpng
1.5.5
libpnglibpng
1.5.5:beta
libpnglibpng
1.5.6
libpnglibpng
1.5.6:beta
libpnglibpng
1.5.7
libpnglibpng
1.5.7:beta
libpnglibpng
1.5.8
libpnglibpng
1.5.8:beta
libpnglibpng
1.5.9
libpnglibpng
1.5.9:beta
libpnglibpng
1.5.10:beta
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
hardy
dne
firefox
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
hardy
ignored
libpng
oneiric
Fixed 1.2.46-3ubuntu1.3
released
natty
Fixed 1.2.44-1ubuntu3.4
released
maverick
Fixed 1.2.44-1ubuntu0.4
released
lucid
Fixed 1.2.42-1ubuntu2.5
released
hardy
Fixed 1.2.15~beta5-3ubuntu0.7
released
thunderbird
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
hardy
ignored
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077007.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077043.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077472.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077819.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079039.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079051.html
http://rhn.redhat.com/errata/RHSA-2012-0523.html
http://secunia.com/advisories/48587
http://secunia.com/advisories/48644
http://secunia.com/advisories/48665
http://secunia.com/advisories/48721
http://secunia.com/advisories/48983
http://secunia.com/advisories/49660
http://security.gentoo.org/glsa/glsa-201206-15.xml
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT5503
http://ubuntu.com/usn/usn-1417-1
http://www.debian.org/security/2012/dsa-2446
http://www.libpng.org/pub/png/libpng.html
http://www.libpng.org/pub/png/src/libpng-1.5.10-README.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2012:046
http://www.osvdb.org/80822
http://www.securityfocus.com/bid/52830
http://www.securitytracker.com/id?1026879
https://exchange.xforce.ibmcloud.com/vulnerabilities/74494
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077007.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077043.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077472.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077819.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079039.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079051.html
http://rhn.redhat.com/errata/RHSA-2012-0523.html
http://secunia.com/advisories/48587
http://secunia.com/advisories/48644
http://secunia.com/advisories/48665
http://secunia.com/advisories/48721
http://secunia.com/advisories/48983
http://secunia.com/advisories/49660
http://security.gentoo.org/glsa/glsa-201206-15.xml
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT5503
http://ubuntu.com/usn/usn-1417-1
http://www.debian.org/security/2012/dsa-2446
http://www.libpng.org/pub/png/libpng.html
http://www.libpng.org/pub/png/src/libpng-1.5.10-README.txt
http://www.mandriva.com/security/advisories?name=MDVSA-2012:046
http://www.osvdb.org/80822
http://www.securityfocus.com/bid/52830
http://www.securitytracker.com/id?1026879
https://exchange.xforce.ibmcloud.com/vulnerabilities/74494