High severity8.8NVD Advisory· Published Jul 17, 2011· Updated Jun 16, 2026
CVE-2011-2692
CVE-2011-2692
Description
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
28- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- sourceforge.net/mailarchive/forum.phpnvdExploitIssue TrackingThird Party Advisory
- lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlnvdMailing ListThird Party Advisory
- lists.apple.com/archives/security-announce/2012/May/msg00001.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/glsa-201206-15.xmlnvdThird Party Advisory
- support.apple.com/kb/HT5002nvdThird Party Advisory
- support.apple.com/kb/HT5281nvdThird Party Advisory
- www.debian.org/security/2011/dsa-2287nvdThird Party Advisory
- www.kb.cert.org/vuls/id/819894nvdThird Party AdvisoryUS Government Resource
- www.libpng.org/pub/png/libpng.htmlnvdProductVendor Advisory
- www.openwall.com/lists/oss-security/2011/07/13/2nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/48618nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1175-1nvdThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/68536nvdThird Party AdvisoryVDB Entry
- secunia.com/advisories/45046nvdBroken Link
- secunia.com/advisories/45405nvdBroken Link
- secunia.com/advisories/45415nvdBroken Link
- secunia.com/advisories/45445nvdBroken Link
- secunia.com/advisories/45460nvdBroken Link
- secunia.com/advisories/45461nvdBroken Link
- secunia.com/advisories/45492nvdBroken Link
- secunia.com/advisories/49660nvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-1103.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-1104.htmlnvdBroken Link
- www.redhat.com/support/errata/RHSA-2011-1105.htmlnvdBroken Link
- libpng.git.sourceforge.net/git/gitweb.cginvd
News mentions
0No linked articles in our index yet.