Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-3045

Опубликовано: 22 мар. 2012
Источник: nvd
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Версия до 17.0.963.83 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:redhat:gluster_storage:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:storage:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:storage_for_public_cloud:2.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
Версия до 1.5.10 (исключая)

EPSS

Процентиль: 89%
0.04701
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-190
CWE-195

Связанные уязвимости

ubuntu логотип

CVE-2011-3045

CVSS3: 8.8
ubuntu
около 13 лет назад

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

redhat логотип

CVE-2011-3045

redhat
больше 13 лет назад

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

msrc логотип

CVE-2011-3045

CVSS3: 8.8
msrc
8 дней назад

Описание отсутствует

debian логотип

CVE-2011-3045

CVSS3: 8.8
debian
около 13 лет назад

Integer signedness error in the png_inflate function in pngrutil.c in ...

github логотип

GHSA-w4pv-vqp3-f753

CVSS3: 8.8
github
около 3 лет назад

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

EPSS

Процентиль: 89%
0.04701
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-190
CWE-195