VYPR
High severity8.8NVD Advisory· Published Jul 17, 2011· Updated Jun 16, 2026

CVE-2011-2692

CVE-2011-2692

Description

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • Libpng/Libpng2 versions
    cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*range: >=1.0.0,<1.0.55
    • (no CPE)range: <1.0.55 (1.0.x), <1.2.45 (1.2.x), <1.4.8 (1.4.x), <1.5.4 (1.5.x)
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

28

News mentions

0

No linked articles in our index yet.