CVE-2011-2692

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.

Published: Jul 17, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-2692
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
libpng / libpng	1.5.0	1.5.4
libpng / libpng	1.4.0	1.4.8
libpng / libpng	1.2.0	1.2.45
libpng / libpng	1.0.0	1.0.55
fedoraproject / fedora	14	14.x
debian / debian_linux	5.0	5.0.x
debian / debian_linux	6.0	6.0.x
canonical / ubuntu_linux	10.10	10.10.x
canonical / ubuntu_linux	11.04	11.04.x
canonical / ubuntu_linux	10.04	10.04.x
canonical / ubuntu_linux	8.04	8.04.x

Vulnerability Database

289,697

CVE-2011-2692