CVE-2011-3045

8.8 HIGH
Published: March 22, 2012
Modified: April 29, 2026

Description

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

CVSS v3.x Details

Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0407.html
Source: cve@mitre.org
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0488.html
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/48320
Source: cve@mitre.org
Not Applicable
http://secunia.com/advisories/48485
Source: cve@mitre.org
Not Applicable
http://secunia.com/advisories/48512
Source: cve@mitre.org
Not Applicable
http://secunia.com/advisories/48554
Source: cve@mitre.org
Not Applicable
http://secunia.com/advisories/49660
Source: cve@mitre.org
Not Applicable
http://security.gentoo.org/glsa/glsa-201206-15.xml
Source: cve@mitre.org
Third Party Advisory
http://src.chromium.org/viewvc/chrome?view=rev&revision=125311
Source: cve@mitre.org
Patch Vendor Advisory
http://www.debian.org/security/2012/dsa-2439
Source: cve@mitre.org
Third Party Advisory
http://www.securitytracker.com/id?1026823
Source: cve@mitre.org
Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=799000
Source: cve@mitre.org
Issue Tracking Patch Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=116162
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
Source: af854a3a-2127-422b-91ae-364da2661108
Release Notes Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075424.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075619.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075981.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075987.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076461.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-March/076731.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2012-03/msg00051.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0407.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0488.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/48320
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://secunia.com/advisories/48485
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://secunia.com/advisories/48512
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://secunia.com/advisories/48554
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://secunia.com/advisories/49660
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://security.gentoo.org/glsa/glsa-201206-15.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://src.chromium.org/viewvc/chrome?view=rev&revision=125311
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.debian.org/security/2012/dsa-2439
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2012:033
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
http://www.securitytracker.com/id?1026823
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=799000
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Patch Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14763
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

50 reference(s) from NVD

Quick Stats

CVSS v3 Score
8.8 / 10.0
EPSS (Exploit Probability)
4.5%
89th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

redhat opensuse google debian libpng fedoraproject