Lucene search
CentOS Update for libpng10 CESA-2011:1103 centos4 x86_64
🗓️ 30 Jul 2012 00:00:00Reported by Copyright (C) 2012 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 18 Views
The remote host is missing an update for the 'libpng10' package(s) announced via the referenced advisory. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. An uninitialized memory read issue was found in the way libpng processed certain PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. (CVE-2011-2692) Users of libpng and libpng10 should upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using libpng or libpng10 must be restarted for the update to take effect
Show more
| Reporter | Title | Published | Views | Family All 138 |
|---|---|---|---|---|
| RedHat Update for libpng RHSA-2011:1103-01 | 2 Aug 201100:00 | – | openvas |
| RedHat Update for libpng RHSA-2011:1103-01 | 2 Aug 201100:00 | – | openvas |
| CentOS Update for libpng10 CESA-2011:1103 centos4 x86_64 | 30 Jul 201200:00 | – | openvas |
| CentOS Update for libpng10 CESA-2011:1103 centos4 i386 | 18 Aug 201100:00 | – | openvas |
| CentOS Update for libpng10 CESA-2011:1103 centos4 i386 | 18 Aug 201100:00 | – | openvas |
| RedHat Update for libpng RHSA-2011:1104-01 | 2 Aug 201100:00 | – | openvas |
| RedHat Update for libpng RHSA-2011:1104-01 | 2 Aug 201100:00 | – | openvas |
| CentOS Update for libpng CESA-2011:1104 centos5 i386 | 23 Sep 201100:00 | – | openvas |
| CentOS Update for libpng CESA-2011:1104 centos5 x86_64 | 30 Jul 201200:00 | – | openvas |
| CentOS Update for libpng CESA-2011:1104 centos5 x86_64 | 30 Jul 201200:00 | – | openvas |
10
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2011-August/017668.html");
script_oid("1.3.6.1.4.1.25623.1.0.881259");
script_version("2023-07-10T08:07:43+0000");
script_tag(name:"last_modification", value:"2023-07-10 08:07:43 +0000 (Mon, 10 Jul 2023)");
script_tag(name:"creation_date", value:"2012-07-30 17:13:04 +0530 (Mon, 30 Jul 2012)");
script_cve_id("CVE-2011-2692");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-08-06 15:53:00 +0000 (Thu, 06 Aug 2020)");
script_xref(name:"CESA", value:"2011:1103");
script_name("CentOS Update for libpng10 CESA-2011:1103 centos4 x86_64");
script_tag(name:"summary", value:"The remote host is missing an update for the 'libpng10'
package(s) announced via the referenced advisory.");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("CentOS Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS4");
script_tag(name:"affected", value:"libpng10 on CentOS 4");
script_tag(name:"solution", value:"Please install the updated packages.");
script_tag(name:"insight", value:"The libpng packages contain a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.
An uninitialized memory read issue was found in the way libpng processed
certain PNG images that use the Physical Scale (sCAL) extension. An
attacker could create a specially-crafted PNG image that, when opened,
could cause an application using libpng to crash. (CVE-2011-2692)
Users of libpng and libpng10 should upgrade to these updated packages,
which contain a backported patch to correct this issue. All running
applications using libpng or libpng10 must be restarted for the update to
take effect.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "CentOS4")
{
if ((res = isrpmvuln(pkg:"libpng10", rpm:"libpng10~1.0.16~9.el4", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libpng10-devel", rpm:"libpng10-devel~1.0.16~9.el4", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libpng", rpm:"libpng~1.2.7~8.el4", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libpng-devel", rpm:"libpng-devel~1.2.7~8.el4", rls:"CentOS4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo30 Jul 2012 00:00Current
8.9High risk
Vulners AI Score8.9
CVSS26.8
CVSS38.8
EPSS0.01079