Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-2501
HistoryJul 17, 2011 - 8:55 p.m.

CVE-2011-2501

2011-07-1720:55:00
CWE-125
[email protected]
web.nvd.nist.gov
44
cve-2011-2501
libpng
denial of service
application crash
remote attackers
out-of-bounds read
off-by-one error

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.

References

Related

openvas 51
prion 1
nessus 36
fedora 14
ubuntucve 2
veracode 1
securityvulns 5
redhat 2
ubuntu 1
oraclelinux 3
debian 3
slackware 2
cve 1
gentoo 2
freebsd 1
osv 1
cert 4
ibm 1
openvas
openvas
Fedora Update for mingw32-libpng FEDORA-2011-8874
2011-07-18 00:00:00
Fedora Update for mingw32-libpng FEDORA-2011-8868
2011-07-18 00:00:00
Fedora Update for mingw32-libpng FEDORA-2011-8868
2011-07-18 00:00:00
prion
prion
Out-of-bounds
2011-07-17 20:55:00
nessus
nessus
Fedora 14 : mingw32-libpng-1.4.3-2.fc14 (2011-8868)
2011-07-18 00:00:00
Fedora 15 : mingw32-libpng-1.4.3-3.fc15 (2011-8874)
2011-07-18 00:00:00
RHEL 6 : libpng (RHSA-2011:1105)
2011-07-29 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: mingw32-libpng-1.4.3-2.fc14
2011-07-16 07:29:14
[SECURITY] Fedora 15 Update: mingw32-libpng-1.4.3-3.fc15
2011-07-16 07:35:14
[SECURITY] Fedora 14 Update: libpng10-1.0.55-1.fc14
2011-07-23 01:56:18
ubuntucve
ubuntucve
CVE-2011-2501
2011-07-17 00:00:00
CVE-2004-0421
2004-08-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:03:15
securityvulns
securityvulns
libpng library multiple security vulnerabilities
2011-07-26 00:00:00
[USN-1175-1] libpng vulnerabilities
2011-07-26 00:00:00
[Full-Disclosure] [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png)
2004-04-30 00:00:00
redhat
redhat
(RHSA-2011:1105) Moderate: libpng security update
2011-07-28 00:00:00
(RHSA-2004:180) libpng security update
2004-05-19 00:00:00
ubuntu
ubuntu
libpng vulnerabilities
2011-07-26 00:00:00
oraclelinux
oraclelinux
libpng security update
2011-08-01 00:00:00
libpng security update
2011-07-28 00:00:00
libpng security update
2011-07-28 00:00:00
debian
debian
[SECURITY] [DSA 2287-1] libpng security update
2011-07-28 16:23:46
[SECURITY] [DSA 498-1] New libpng packages fix denial of service
2004-04-30 10:31:34
[SECURITY] [DSA 498-1] New libpng packages fix denial of service
2004-04-30 10:31:34
slackware
slackware
libpng update
2004-05-03 13:08:30
[slackware-security] libpng
2011-07-29 23:18:23
cve
cve
CVE-2004-0421
2004-08-18 04:00:00
gentoo
gentoo
libpng denial of service vulnerability
2004-05-14 00:00:00
libpng: Multiple vulnerabilities
2012-06-22 00:00:00
freebsd
freebsd
libpng denial-of-service
2004-04-29 00:00:00
osv
osv
libpng - out of bound access
2004-04-30 00:00:00
cert
cert
libpng png_handle_iCCP() NULL pointer dereference
2004-08-04 00:00:00
libpng contains integer overflows in progressive display image reading
2004-08-04 00:00:00
libpng png_handle_sPLT() integer overflow
2004-08-04 00:00:00
ibm
ibm
Security Bulletin: Gdal vulnerabilities affect IBM Netezza Analytics for NPS
2022-06-03 14:32:29

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

77.3%

JSON
Related for CVE-2011-2501
openvas51prion1nessus36fedora14ubuntucve2veracode1securityvulns5redhat2ubuntu1oraclelinux3debian3slackware2cve1gentoo2freebsd1osv1cert4ibm1