CVE-2011-2692

8.8 HIGH
Published: July 17, 2011 Modified: April 29, 2026
View on NVD

Description

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339
Source: secalert@redhat.com
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://secunia.com/advisories/45046
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/45405
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/45415
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/45445
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/45460
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/45461
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/45492
Source: secalert@redhat.com
Broken Link
http://secunia.com/advisories/49660
Source: secalert@redhat.com
Broken Link
http://security.gentoo.org/glsa/glsa-201206-15.xml
Source: secalert@redhat.com
Third Party Advisory
http://sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement
Source: secalert@redhat.com
Exploit Issue Tracking Third Party Advisory
http://support.apple.com/kb/HT5002
Source: secalert@redhat.com
Third Party Advisory
http://support.apple.com/kb/HT5281
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2011/dsa-2287
Source: secalert@redhat.com
Third Party Advisory
http://www.kb.cert.org/vuls/id/819894
Source: secalert@redhat.com
Third Party Advisory US Government Resource
http://www.libpng.org/pub/png/libpng.html
Source: secalert@redhat.com
Product Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151
Source: secalert@redhat.com
Broken Link
http://www.openwall.com/lists/oss-security/2011/07/13/2
Source: secalert@redhat.com
Mailing List Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-1103.html
Source: secalert@redhat.com
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-1104.html
Source: secalert@redhat.com
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-1105.html
Source: secalert@redhat.com
Broken Link
http://www.securityfocus.com/bid/48618
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1175-1
Source: secalert@redhat.com
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=720612
Source: secalert@redhat.com
Issue Tracking Patch Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/68536
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://secunia.com/advisories/45046
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/45405
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/45415
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/45445
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/45460
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/45461
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/45492
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/49660
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://security.gentoo.org/glsa/glsa-201206-15.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Issue Tracking Third Party Advisory
http://support.apple.com/kb/HT5002
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.apple.com/kb/HT5281
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2011/dsa-2287
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.kb.cert.org/vuls/id/819894
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.libpng.org/pub/png/libpng.html
Source: af854a3a-2127-422b-91ae-364da2661108
Product Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openwall.com/lists/oss-security/2011/07/13/2
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-1103.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-1104.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.redhat.com/support/errata/RHSA-2011-1105.html
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.securityfocus.com/bid/48618
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1175-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=720612
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Patch Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/68536
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry

56 reference(s) from NVD

Quick Stats

CVSS v3 Score
8.8 / 10.0
EPSS (Exploit Probability)
7.5%
92th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

libpng canonical fedoraproject debian

Related CVEs

CVE-2026-7779 4.3
CVE-2026-42238 N/A
CVE-2026-42223 6.5
CVE-2026-42222 8.1
CVE-2026-42221 8.1