CVE-2011-2692 (retired)

Priority
Description
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55,
1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not
properly handle invalid sCAL chunks, which allows remote attackers to cause
a denial of service (memory corruption and application crash) or possibly
have unspecified other impact via a crafted PNG image that triggers the
reading of uninitialized memory.
Notes
 jdstrand> firefox 3.6.23 has 1.2.35 and 7.0.1 has 1.4.7
  micahg> firefox 8 will have 1.4.8
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (14.0.835.202~r103287-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (8.0~b4+build1-0ubuntu2)
Package
Upstream:released (1.2.45)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (1.2.46-3ubuntu1)
Patches:
Upstream:http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339
More Information

Updated: 2019-03-26 11:57:19 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)