CVE-2011-2692
high-risk
Published 2011-07-17
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
Do I need to act?
~
7.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
NETWORK
/ LOW complexity
Affected Products (8)
Affected Vendors
References (56)
Broken Link
http://secunia.com/advisories/45046
Broken Link
http://secunia.com/advisories/45405
Broken Link
http://secunia.com/advisories/45415
Broken Link
http://secunia.com/advisories/45445
Broken Link
http://secunia.com/advisories/45460
Broken Link
http://secunia.com/advisories/45461
Broken Link
http://secunia.com/advisories/45492
Broken Link
http://secunia.com/advisories/49660
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201206-15.xml
Third Party Advisory
http://support.apple.com/kb/HT5002
Third Party Advisory
http://support.apple.com/kb/HT5281
Third Party Advisory
http://www.debian.org/security/2011/dsa-2287
Third Party Advisory
http://www.kb.cert.org/vuls/id/819894
and 36 more references
54
/ 100
high-risk
Severity
30/34 · Critical
Exploitability
10/34 · Low
Exposure
14/34 · Moderate