SpirityCVE

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Fedoraproject	Fedora
Libpng	Libpng
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:5.0:::::::*
	cpe:2.3:o:debian:debian_linux:6.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:8.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:10.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:11.04:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
libpng-2:1.2.46-1.el6_1	cpe:/o:redhat:enterprise_linux:6	RHSA-2011:1105	2011-07-28T00:00:00Z

References

Link	Providers
https://www.spirityenterprise.com/pentest
https://www.spirityenterprise.com/managed-detection-response
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=65e6d5a34f49acdb362a0625a706c6b914e670af
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062720.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html
http://secunia.com/advisories/45046
http://secunia.com/advisories/45289
http://secunia.com/advisories/45405
http://secunia.com/advisories/45415
http://secunia.com/advisories/45460
http://secunia.com/advisories/45486
http://secunia.com/advisories/45492
http://secunia.com/advisories/49660
http://security.gentoo.org/glsa/glsa-201206-15.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.617466
http://sourceforge.net/mailarchive/forum.php?thread_name=BANLkTikrnU6FJNQYFvwmt78hwpgKPVRd1Q%40mail.gmail.com&forum_name=png-mng-implement
http://www.debian.org/security/2011/dsa-2287
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151
http://www.openwall.com/lists/oss-security/2011/06/27/13
http://www.openwall.com/lists/oss-security/2011/06/28/16
http://www.redhat.com/support/errata/RHSA-2011-1105.html
http://www.securityfocus.com/bid/48474
http://www.ubuntu.com/usn/USN-1175-1
https://bugzilla.redhat.com/show_bug.cgi?id=717084
https://exchange.xforce.ibmcloud.com/vulnerabilities/68517
https://nvd.nist.gov/vuln/detail/CVE-2011-2501
https://www.cve.org/CVERecord?id=CVE-2011-2501

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-07-17T20:00:00.000Z

Updated: 2024-08-06T23:00:34.249Z

Reserved: 2011-06-15T00:00:00.000Z

Link: CVE-2011-2501

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-07-17T20:55:01.483

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-2501

Redhat

Severity : Moderate

Publid Date: 2011-06-07T00:00:00Z

Links: CVE-2011-2501 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object