CVE-2011-3464
Published Jul 22, 2012
Last updated 12 years ago
Overview
- Description
- Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow.
- Source
- product-security@apple.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8BA2974-AF9F-4382-B443-F54354B5623A"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE8BC209-45B9-44D6-A26D-0B570ED5BB19"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "468B1A0E-AF58-42C4-9801-D6F83F283360"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6644ED2F-66F3-469D-8233-72FE7321E850"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B36D610D-F86A-4D46-B0F2-884FFA601C69"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8A976DD-87FA-425D-8E07-E3CFC4D3FD05"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F34978D-6ABE-463E-AB48-21CC55B7D157"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3716FF0E-AD20-46F8-B8F6-3EC42D427C90"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A4568BB-F5FF-4BBB-9DA3-E66C2BFA2416"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.5:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5300EC4-B3A0-42C5-8D39-67AB75C47153"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "246CF13F-FDC1-499E-9FC1-5624D54E9E3F"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.6:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D5840A8E-AB64-40A9-8BB6-EB6BA51D40B4"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC66FD43-421B-4223-BA32-EC47B51E1091"
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.7:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEC9D57C-47F2-4773-85B6-FFB0C4681E0C"
}
],
"operator": "OR"
}
]
}
]