Vulnerability-Lookup

CVE-2011-2691 (GCVE-0-2011-2691)

Vulnerability from cvelistv5 – Published: 2011-07-17 20:00 – Updated: 2024-08-06 23:08

Summary

The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://secunia.com/advisories/49660	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/48660	vdb-entryx_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=720608	x_refsource_CONFIRM
	http://libpng.git.sourceforge.net/git/gitweb.cgi?…	x_refsource_CONFIRM
	http://secunia.com/advisories/45046	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://security.gentoo.org/glsa/glsa-201206-15.xml	vendor-advisoryx_refsource_GENTOO
	http://www.libpng.org/pub/png/libpng.html	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.debian.org/security/2011/dsa-2287	vendor-advisoryx_refsource_DEBIAN
	http://lists.apple.com/archives/Security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/45405	third-party-advisoryx_refsource_SECUNIA
	http://www.openwall.com/lists/oss-security/2011/07/13/2	mailing-listx_refsource_MLIST
	http://marc.info/?l=bugtraq&m=133951357207000&w=2	vendor-advisoryx_refsource_HP
	http://support.apple.com/kb/HT5002	x_refsource_CONFIRM
	http://secunia.com/advisories/45492	third-party-advisoryx_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=133951357207000&w=2	vendor-advisoryx_refsource_HP

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:08:23.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "49660",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/49660"
          },
          {
            "name": "48660",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48660"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720608"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261"
          },
          {
            "name": "45046",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45046"
          },
          {
            "name": "libpng-pngdefaulterror-dos(68537)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537"
          },
          {
            "name": "MDVSA-2011:151",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151"
          },
          {
            "name": "GLSA-201206-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.libpng.org/pub/png/libpng.html"
          },
          {
            "name": "FEDORA-2011-9336",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html"
          },
          {
            "name": "DSA-2287",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2287"
          },
          {
            "name": "APPLE-SA-2011-10-12-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "45405",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45405"
          },
          {
            "name": "[oss-security] 20110713 Security issues fixed in libpng 1.5.4",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2011/07/13/2"
          },
          {
            "name": "SSRT100852",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "name": "45492",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/45492"
          },
          {
            "name": "HPSBMU02776",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-07-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "49660",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/49660"
        },
        {
          "name": "48660",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48660"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720608"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261"
        },
        {
          "name": "45046",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45046"
        },
        {
          "name": "libpng-pngdefaulterror-dos(68537)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537"
        },
        {
          "name": "MDVSA-2011:151",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151"
        },
        {
          "name": "GLSA-201206-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.libpng.org/pub/png/libpng.html"
        },
        {
          "name": "FEDORA-2011-9336",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html"
        },
        {
          "name": "DSA-2287",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2287"
        },
        {
          "name": "APPLE-SA-2011-10-12-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
        },
        {
          "name": "45405",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45405"
        },
        {
          "name": "[oss-security] 20110713 Security issues fixed in libpng 1.5.4",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2011/07/13/2"
        },
        {
          "name": "SSRT100852",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5002"
        },
        {
          "name": "45492",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/45492"
        },
        {
          "name": "HPSBMU02776",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-2691",
    "datePublished": "2011-07-17T20:00:00.000Z",
    "dateReserved": "2011-07-11T00:00:00.000Z",
    "dateUpdated": "2024-08-06T23:08:23.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2012-AVI-316

Vulnerability from certfr_avis - Published: 2012-06-12 - Updated: 2012-06-12

Onze vulnérabilités ont été corrigées dans HP Onboard Administrator. L'exploitation de ces vulnérabilités peut mener à divers accès non autorisés à des données distantes et à des dénis de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Versions antérieures à HP Onboard Adminitrator v3.56.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité HP du 07 juin 2012	None	vendor-advisory
Bulletin de sécurité HP c03315912 du 07 juin 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eVersions ant\u00e9rieures \u00e0 HP Onboard Adminitrator v3.56.\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-0050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0050"
    },
    {
      "name": "CVE-2012-0053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0053"
    },
    {
      "name": "CVE-2011-3192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
    },
    {
      "name": "CVE-2011-4619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4619"
    },
    {
      "name": "CVE-2012-2110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
    },
    {
      "name": "CVE-2011-4576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4576"
    },
    {
      "name": "CVE-2012-0884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0884"
    },
    {
      "name": "CVE-2011-4108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-4108"
    },
    {
      "name": "CVE-2012-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1583"
    },
    {
      "name": "CVE-2011-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2691"
    },
    {
      "name": "CVE-2011-1473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1473"
    }
  ],
  "initial_release_date": "2012-06-12T00:00:00",
  "last_revision_date": "2012-06-12T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03315912 du 07 juin 2012 :",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03315912"
    }
  ],
  "reference": "CERTA-2012-AVI-316",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Onze vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan class=\"textit\"\u003eHP\nOnboard Administrator\u003c/span\u003e. L\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut\nmener \u00e0 divers acc\u00e8s non autoris\u00e9s \u00e0 des donn\u00e9es distantes et \u00e0 des\nd\u00e9nis de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans HP Onboard Administrator",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP du 07 juin 2012",
      "url": null
    }
  ]
}

CERTA-2011-AVI-564

Vulnerability from certfr_avis - Published: 2011-10-13 - Updated: 2011-10-13

Plusieurs vulnérabilités présentes dans Mac OS X ont été corrigées.

Description

De multiples vulnérabilités découvertes dans Mac OS X permettent à une personne malveillante d'exécuter du code arbitraire à distance avec potentiellement des privilèges élevés, de provoquer un déni de service, de contourner la politique de sécurité du système, de porter atteinte à la confidentialité et à l'intégrité des données ou encore de réaliser une injection de code indirecte.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Mac OS X v10.6.8 ;
Apple	N/A	Mac OS X Lion Server v10.7 et v10.7.1 ;
Apple	N/A	Mac OS X Server v10.7 et v10.7.1.
Apple	N/A	Mac OS X Server v10.6.8 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT5002 du 12 octobre 2011	None	vendor-advisory
Référence CVE CVE-2010-3436 :	-	other
Référence CVE CVE-2011-0708 :	-	other
Référence CVE CVE-2011-1467 :	-	other
Référence CVE CVE-2011-1910 :	-	other
Référence CVE CVE-2011-3217 :	-	other
Référence CVE CVE-2011-1153 :	-	other
Référence CVE CVE-2011-3220 :	-	other
Référence CVE CVE-2010-3614 :	-	other
Référence CVE CVE-2011-0420 :	-	other
Référence CVE CVE-2011-0411 :	-	other
Référence CVE CVE-2011-0224 :	-	other
Référence CVE CVE-2010-3613 :	-	other
Référence CVE CVE-2011-3225 :	-	other
Référence CVE CVE-2011-0249 :	-	other
Référence CVE CVE-2011-3227 :	-	other
Référence CVE CVE-2011-1521 :	-	other
Référence CVE CVE-2011-0185 :	-	other
Référence CVE CVE-2011-0252 :	-	other
Référence CVE CVE-2011-0226 :	-	other
Référence CVE CVE-2010-4645 :	-	other
Référence CVE CVE-2011-3213 :	-	other
Référence CVE CVE-2011-3221 :	-	other
Référence CVE CVE-2011-1471 :	-	other
Référence CVE CVE-2011-3435 :	-	other
Référence CVE CVE-2011-3218 :	-	other
Référence CVE CVE-2011-0013 :	-	other
Référence CVE CVE-2010-1634 :	-	other
Référence CVE CVE-2011-0250 :	-	other
Référence CVE CVE-2011-3224 :	-	other
Référence CVE CVE-2011-0259 :	-	other
Référence CVE CVE-2011-2690 :	-	other
Référence CVE CVE-2011-3226 :	-	other
Référence CVE CVE-2011-3216 :	-	other
Référence CVE CVE-2011-3212 :	-	other
Référence CVE CVE-2010-2089 :	-	other
Référence CVE CVE-2010-3718 :	-	other
Référence CVE CVE-2011-0260 :	-	other
Référence CVE CVE-2011-3214 :	-	other
Référence CVE CVE-2010-1157 :	-	other
Référence CVE CVE-2011-0707 :	-	other
Référence CVE CVE-2011-3223 :	-	other
Référence CVE CVE-2011-3246 :	-	other
Référence CVE CVE-2010-2227 :	-	other
Référence CVE CVE-2010-4172 :	-	other
Référence CVE CVE-2011-3436 :	-	other
Référence CVE CVE-2011-2691 :	-	other
Référence CVE CVE-2011-3437 :	-	other
Référence CVE CVE-2009-4022 :	-	other
Référence CVE CVE-2011-0187 :	-	other
Référence CVE CVE-2011-3192 :	-	other
Référence CVE CVE-2011-1755 :	-	other
Référence CVE CVE-2010-0097 :	-	other
Référence CVE CVE-2011-0419 :	-	other
Référence CVE CVE-2011-1466 :	-	other
Référence CVE CVE-2011-0421 :	-	other
Référence CVE CVE-2011-0251 :	-	other
Référence CVE CVE-2011-3219 :	-	other
Référence CVE CVE-2011-0229 :	-	other
Référence CVE CVE-2011-3222 :	-	other
Référence CVE CVE-2011-0534 :	-	other
Référence CVE CVE-2011-3228 :	-	other
Référence CVE CVE-2011-3215 :	-	other
Référence CVE CVE-2011-1092 :	-	other
Référence CVE CVE-2011-0230 :	-	other
Référence CVE CVE-2011-1470 :	-	other
Référence CVE CVE-2011-0231 :	-	other
Référence CVE CVE-2011-2692 :	-	other
Référence CVE CVE-2011-1468 :	-	other
Référence CVE CVE-2011-2464 :	-	other
Référence CVE CVE-2011-1469 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X v10.6.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Lion Server v10.7 et v10.7.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server v10.7 et v10.7.1.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server v10.6.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans Mac OS X permettent \u00e0 une\npersonne malveillante d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance avec\npotentiellement des privil\u00e8ges \u00e9lev\u00e9s, de provoquer un d\u00e9ni de service,\nde contourner la politique de s\u00e9curit\u00e9 du syst\u00e8me, de porter atteinte \u00e0\nla confidentialit\u00e9 et \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es ou encore de r\u00e9aliser\nune injection de code indirecte.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-3216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3216"
    },
    {
      "name": "CVE-2011-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3436"
    },
    {
      "name": "CVE-2010-1634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1634"
    },
    {
      "name": "CVE-2011-3214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3214"
    },
    {
      "name": "CVE-2011-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0187"
    },
    {
      "name": "CVE-2011-3192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3192"
    },
    {
      "name": "CVE-2011-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3228"
    },
    {
      "name": "CVE-2011-0421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0421"
    },
    {
      "name": "CVE-2011-0259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0259"
    },
    {
      "name": "CVE-2011-3221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3221"
    },
    {
      "name": "CVE-2010-4172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4172"
    },
    {
      "name": "CVE-2011-3217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3217"
    },
    {
      "name": "CVE-2011-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3219"
    },
    {
      "name": "CVE-2011-0534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0534"
    },
    {
      "name": "CVE-2011-0230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0230"
    },
    {
      "name": "CVE-2011-0229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0229"
    },
    {
      "name": "CVE-2011-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1471"
    },
    {
      "name": "CVE-2011-3222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3222"
    },
    {
      "name": "CVE-2011-1466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1466"
    },
    {
      "name": "CVE-2011-0226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0226"
    },
    {
      "name": "CVE-2011-0013",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0013"
    },
    {
      "name": "CVE-2011-0231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0231"
    },
    {
      "name": "CVE-2011-3213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3213"
    },
    {
      "name": "CVE-2009-4022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4022"
    },
    {
      "name": "CVE-2011-1153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1153"
    },
    {
      "name": "CVE-2011-3218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3218"
    },
    {
      "name": "CVE-2011-2692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2692"
    },
    {
      "name": "CVE-2010-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4645"
    },
    {
      "name": "CVE-2011-0249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0249"
    },
    {
      "name": "CVE-2011-3212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3212"
    },
    {
      "name": "CVE-2011-0250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0250"
    },
    {
      "name": "CVE-2011-1092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1092"
    },
    {
      "name": "CVE-2011-3227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3227"
    },
    {
      "name": "CVE-2011-1469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1469"
    },
    {
      "name": "CVE-2010-2227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2227"
    },
    {
      "name": "CVE-2011-1910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1910"
    },
    {
      "name": "CVE-2011-3220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3220"
    },
    {
      "name": "CVE-2011-0708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0708"
    },
    {
      "name": "CVE-2010-3614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3614"
    },
    {
      "name": "CVE-2011-3224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3224"
    },
    {
      "name": "CVE-2011-3226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3226"
    },
    {
      "name": "CVE-2011-0260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0260"
    },
    {
      "name": "CVE-2011-2690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2690"
    },
    {
      "name": "CVE-2011-3215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3215"
    },
    {
      "name": "CVE-2010-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3613"
    },
    {
      "name": "CVE-2011-1521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1521"
    },
    {
      "name": "CVE-2011-1467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1467"
    },
    {
      "name": "CVE-2011-1755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1755"
    },
    {
      "name": "CVE-2011-3246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3246"
    },
    {
      "name": "CVE-2011-3435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3435"
    },
    {
      "name": "CVE-2011-2691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2691"
    },
    {
      "name": "CVE-2011-3437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3437"
    },
    {
      "name": "CVE-2011-0251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0251"
    },
    {
      "name": "CVE-2011-1470",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1470"
    },
    {
      "name": "CVE-2011-3225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3225"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2010-3718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3718"
    },
    {
      "name": "CVE-2011-2464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2464"
    },
    {
      "name": "CVE-2010-3436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3436"
    },
    {
      "name": "CVE-2010-0097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0097"
    },
    {
      "name": "CVE-2011-0707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0707"
    },
    {
      "name": "CVE-2011-0252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0252"
    },
    {
      "name": "CVE-2011-0224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0224"
    },
    {
      "name": "CVE-2010-2089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2089"
    },
    {
      "name": "CVE-2011-0420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0420"
    },
    {
      "name": "CVE-2010-1157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1157"
    },
    {
      "name": "CVE-2011-0419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0419"
    },
    {
      "name": "CVE-2011-1468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1468"
    },
    {
      "name": "CVE-2011-3223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3223"
    },
    {
      "name": "CVE-2011-0185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0185"
    }
  ],
  "initial_release_date": "2011-10-13T00:00:00",
  "last_revision_date": "2011-10-13T00:00:00",
  "links": [
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3436 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3436"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0708 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0708"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1467 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1467"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1910 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1910"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3217 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3217"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1153 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1153"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3220 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3220"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3614 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3614"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0420 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0420"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0411 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0411"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0224 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0224"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3613 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3613"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3225 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3225"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0249 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0249"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3227 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3227"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1521 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1521"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0185 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0185"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0252 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0252"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0226 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0226"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-4645 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4645"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3213 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3213"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3221 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3221"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1471 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1471"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3435 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3435"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3218 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3218"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0013 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0013"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-1634 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1634"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0250 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0250"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3224 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3224"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0259 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0259"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2690 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2690"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3226 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3226"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3216 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3216"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3212 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3212"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-2089 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2089"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-3718 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-3718"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0260 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0260"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3214 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3214"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-1157 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-1157"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0707 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0707"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3223 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3223"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3246 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3246"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-2227 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-2227"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-4172 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-4172"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3436 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3436"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2691 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2691"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3437 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3437"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2009-4022 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2009-4022"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0187 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0187"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3192 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3192"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1755 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1755"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2010-0097 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2010-0097"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0419 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0419"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1466 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1466"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0421 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0421"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0251 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0251"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3219 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3219"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0229 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0229"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3222 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3222"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0534 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0534"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3228 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3228"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-3215 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-3215"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1092 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1092"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0230 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0230"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1470 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1470"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-0231 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-0231"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2692 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2692"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1468 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1468"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-2464 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-2464"
    },
    {
      "title": "R\u00e9f\u00e9rence CVE CVE-2011-1469 :",
      "url": "http://cve.mitre.org/cgi-bin/cvename-cgi?name=CVE-2011-1469"
    }
  ],
  "reference": "CERTA-2011-AVI-564",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans Mac OS X ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5002 du 12 octobre 2011",
      "url": "http://docs.info.apple.com/article.html?artnum=HT5002"
    }
  ]
}

FKIE_CVE-2011-2691

Vulnerability from fkie_nvd - Published: 2011-07-17 20:55 - Updated: 2025-04-11 00:51

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
secalert@redhat.com	http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261
secalert@redhat.com	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://marc.info/?l=bugtraq&m=133951357207000&w=2	Mailing List, Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/45046	Broken Link
secalert@redhat.com	http://secunia.com/advisories/45405	Broken Link
secalert@redhat.com	http://secunia.com/advisories/45492	Broken Link
secalert@redhat.com	http://secunia.com/advisories/49660	Broken Link
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-201206-15.xml	Third Party Advisory
secalert@redhat.com	http://support.apple.com/kb/HT5002	Third Party Advisory
secalert@redhat.com	http://www.debian.org/security/2011/dsa-2287	Third Party Advisory
secalert@redhat.com	http://www.libpng.org/pub/png/libpng.html	Product, Vendor Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2011:151	Broken Link
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2011/07/13/2	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/48660	Third Party Advisory, VDB Entry
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=720608	Exploit, Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/68537	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133951357207000&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45046	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45405	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/45492	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/49660	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201206-15.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5002	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2287	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.libpng.org/pub/png/libpng.html	Product, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2011:151	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2011/07/13/2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/48660	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=720608	Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/68537	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
libpng	libpng	*
libpng	libpng	*
libpng	libpng	*
libpng	libpng	*
fedoraproject	fedora	14
debian	debian_linux	5.0
debian	debian_linux	6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "457596BD-6D1A-4BF6-AB6B-00C015282A5C",
              "versionEndExcluding": "1.0.55",
              "versionStartIncluding": "1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E0A4818-9441-4057-BF47-EDC25FC9A3D2",
              "versionEndExcluding": "1.2.45",
              "versionStartIncluding": "1.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F5725F-4C45-48C1-B31C-7A25E735AE49",
              "versionEndExcluding": "1.4.8",
              "versionStartIncluding": "1.4.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25E29B1D-F756-40BE-8419-4224391D8D61",
              "versionEndExcluding": "1.5.4",
              "versionStartIncluding": "1.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDE52846-24EC-4068-B788-EC7F915FFF11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n png_err en pngerror.c en libpng v1.0.x antes de v1.0.55, en v1.2.x antes de v1.2.45, en v1.4.x antes de v1.4.8, y en v1.5.x antes de v1.5.4, hace una llamada a la funci\u00f3n con un argumento de puntero NULL en lugar de un argumento de cadena vac\u00eda, lo cual permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una imagen PNG creada."
    }
  ],
  "id": "CVE-2011-2691",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2011-07-17T20:55:01.577",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/45046"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/45405"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/45492"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/49660"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2011/dsa-2287"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/07/13/2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/48660"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720608"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/45046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/45405"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/45492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/49660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2011/dsa-2287"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/07/13/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/48660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720608"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-VPRR-5687-F565

Vulnerability from github – Published: 2022-05-13 01:24 – Updated: 2022-05-13 01:24

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-2691"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-07-17T20:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.",
  "id": "GHSA-vprr-5687-f565",
  "modified": "2022-05-13T01:24:25Z",
  "published": "2022-05-13T01:24:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2691"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720608"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537"
    },
    {
      "type": "WEB",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261"
    },
    {
      "type": "WEB",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=9dad5e37aef295b4ef8dea39392b652deebc9261"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/45046"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/45405"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/45492"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/49660"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5002"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2287"
    },
    {
      "type": "WEB",
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/07/13/2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/48660"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2011-2691

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-2691

Aliases

CVE-2011-2691

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-2691",
    "description": "The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.",
    "id": "GSD-2011-2691",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-2691.html",
      "https://www.debian.org/security/2011/dsa-2287"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-2691"
      ],
      "details": "The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.",
      "id": "GSD-2011-2691",
      "modified": "2023-12-13T01:19:06.158501Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2011-2691",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
          },
          {
            "name": "http://support.apple.com/kb/HT5002",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT5002"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html"
          },
          {
            "name": "http://secunia.com/advisories/45046",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/45046"
          },
          {
            "name": "http://secunia.com/advisories/45405",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/45405"
          },
          {
            "name": "http://secunia.com/advisories/45492",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/45492"
          },
          {
            "name": "http://secunia.com/advisories/49660",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/49660"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-201206-15.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
          },
          {
            "name": "http://www.debian.org/security/2011/dsa-2287",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2011/dsa-2287"
          },
          {
            "name": "http://www.libpng.org/pub/png/libpng.html",
            "refsource": "MISC",
            "url": "http://www.libpng.org/pub/png/libpng.html"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2011/07/13/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2011/07/13/2"
          },
          {
            "name": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
          },
          {
            "name": "http://www.securityfocus.com/bid/48660",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/48660"
          },
          {
            "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261",
            "refsource": "MISC",
            "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=720608",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720608"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[1.0.0,1.0.55),[1.2.0,1.2.45),[1.4.0,1.4.8),[1.5.0,1.5.4)",
          "affected_versions": "All versions starting from 1.0.0 before 1.0.55, all versions starting from 1.2.0 before 1.2.45, all versions starting from 1.4.0 before 1.4.8, all versions starting from 1.5.0 before 1.5.4",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-476",
            "CWE-937"
          ],
          "date": "2020-08-06",
          "description": "The png_err function in pngerror.c in libpng  makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.",
          "fixed_versions": [
            "1.6.18.1"
          ],
          "identifier": "CVE-2011-2691",
          "identifiers": [
            "CVE-2011-2691"
          ],
          "not_impacted": "All versions before 1.0.0, all versions starting from 1.0.55 before 1.2.0, all versions starting from 1.2.45 before 1.4.0, all versions starting from 1.4.8 before 1.5.0, all versions starting from 1.5.4",
          "package_slug": "nuget/libpng",
          "pubdate": "2011-07-17",
          "solution": "Upgrade to version 1.6.18.1 or above.",
          "title": "NULL Pointer Dereference",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2011-2691"
          ],
          "uuid": "e3042807-259d-4d0f-acfe-ef9263111066"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.5.4",
                "versionStartIncluding": "1.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.4.8",
                "versionStartIncluding": "1.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.2.45",
                "versionStartIncluding": "1.2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.0.55",
                "versionStartIncluding": "1.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-2691"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-476"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "45046",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/45046"
            },
            {
              "name": "[oss-security] 20110713 Security issues fixed in libpng 1.5.4",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/07/13/2"
            },
            {
              "name": "http://www.libpng.org/pub/png/libpng.html",
              "refsource": "CONFIRM",
              "tags": [
                "Product",
                "Vendor Advisory"
              ],
              "url": "http://www.libpng.org/pub/png/libpng.html"
            },
            {
              "name": "48660",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/48660"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=720608",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720608"
            },
            {
              "name": "DSA-2287",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2011/dsa-2287"
            },
            {
              "name": "45405",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/45405"
            },
            {
              "name": "FEDORA-2011-9336",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html"
            },
            {
              "name": "45492",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/45492"
            },
            {
              "name": "http://support.apple.com/kb/HT5002",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5002"
            },
            {
              "name": "APPLE-SA-2011-10-12-3",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
            },
            {
              "name": "MDVSA-2011:151",
              "refsource": "MANDRIVA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:151"
            },
            {
              "name": "49660",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/49660"
            },
            {
              "name": "GLSA-201206-15",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
            },
            {
              "name": "SSRT100852",
              "refsource": "HP",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=133951357207000\u0026w=2"
            },
            {
              "name": "libpng-pngdefaulterror-dos(68537)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68537"
            },
            {
              "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261",
              "refsource": "MISC",
              "tags": [],
              "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=9dad5e37aef295b4ef8dea39392b652deebc9261"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-02-13T04:31Z",
      "publishedDate": "2011-07-17T20:55Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-2691 (GCVE-0-2011-2691)

CERTA-2012-AVI-316

Solution

CERTA-2011-AVI-564

Description

Solution

FKIE_CVE-2011-2691

GHSA-VPRR-5687-F565

GSD-2011-2691

Tags

Sightings

Nomenclature