Lucene search

K
nvd[email protected]NVD:CVE-2011-3045
HistoryMar 22, 2012 - 4:55 p.m.

CVE-2011-3045

2012-03-2216:55:01
CWE-190
web.nvd.nist.gov
10

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

9

Confidence

High

EPSS

0.832

Percentile

98.5%

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

Affected configurations

Nvd
Node
googlechromeRange<17.0.963.83
Node
redhatgluster_storageMatch2.0
OR
redhatstorageMatch2.0
OR
redhatstorage_for_public_cloudMatch2.0
OR
debiandebian_linuxMatch6.0
OR
fedoraprojectfedoraMatch15
OR
fedoraprojectfedoraMatch16
OR
fedoraprojectfedoraMatch17
OR
opensuseopensuseMatch12.1
OR
redhatenterprise_linuxMatch5.0
OR
redhatenterprise_linuxMatch6.0
OR
redhatenterprise_linux_desktopMatch5.0
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_server_ausMatch6.2
OR
redhatenterprise_linux_server_eusMatch6.2
OR
redhatenterprise_linux_workstationMatch5.0
OR
redhatenterprise_linux_workstationMatch6.0
Node
libpnglibpngRange<1.5.10
VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
redhatgluster_storage2.0cpe:2.3:a:redhat:gluster_storage:2.0:*:*:*:*:*:*:*
redhatstorage2.0cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*
redhatstorage_for_public_cloud2.0cpe:2.3:a:redhat:storage_for_public_cloud:2.0:*:*:*:*:*:*:*
debiandebian_linux6.0cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
fedoraprojectfedora15cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
fedoraprojectfedora16cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
fedoraprojectfedora17cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
opensuseopensuse12.1cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
redhatenterprise_linux5.0cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

References

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

9

Confidence

High

EPSS

0.832

Percentile

98.5%