CVE-2011-3048

Priority
Medium
Description
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59,
1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows
remote attackers to cause a denial of service (crash) or execute arbitrary
code via a crafted text chunk in a PNG image file, which triggers a memory
allocation failure that is not properly handled, leading to a heap-based
buffer overflow.
References
Bugs
Notes
mdeslaur> RH bug says firefox isn't affected.
Package
Upstream:released (1.2.49)
Ubuntu 8.04 LTS (Hardy Heron):released (1.2.15~beta5-3ubuntu0.7)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.2.42-1ubuntu2.5)
Ubuntu 11.04 (Natty Narwhal):released (1.2.44-1ubuntu3.4)
Ubuntu 11.10 (Oneiric Ocelot):released (1.2.46-3ubuntu1.3)
Ubuntu 12.04 LTS (Precise Pangolin):released (1.2.46-3ubuntu4)
Patches:
Vendor:http://www.debian.org/security/2012/dsa-2446
Upstream:http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=78322ccdeb994c311f6175fcefdb5761f85722cb#patch24
Package
Upstream:not-affected
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.04 (Natty Narwhal):not-affected
Ubuntu 11.10 (Oneiric Ocelot):not-affected
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (uses system libpng)
Ubuntu 11.04 (Natty Narwhal):not-affected (uses system libpng)
Ubuntu 11.10 (Oneiric Ocelot):not-affected (uses system libpng)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (uses system libpng)
Package
Upstream:not-affected
Ubuntu 8.04 LTS (Hardy Heron):ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected
Ubuntu 11.04 (Natty Narwhal):not-affected
Ubuntu 11.10 (Oneiric Ocelot):not-affected
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:22:21 UTC (commit 5347)