Lucene search
Mozilla FoundationMFSA2012-11HistoryFeb 16, 2012 - 12:00 a.m.
libpng integer overflow — Mozilla
2012-02-1600:00:00
Mozilla Foundation
www.mozilla.org
43
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.832 High
EPSS
Percentile
98.5%
An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable.
Affected configurations
Node
mozillafirefoxRange<10.0.2
ORmozillafirefoxRange<3.6.27
ORmozillafirefox_esrRange<10.0.2
ORmozillaseamonkeyRange<2.7.2
ORmozillathunderbirdRange<10.0.2
ORmozillathunderbirdRange<3.1.19
ORmozillathunderbird_esrRange<10.0.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| firefox | lt | 10.0.2 | |
| firefox | lt | 3.6.27 | |
| firefox esr | lt | 10.0.2 | |
| seamonkey | lt | 2.7.2 | |
| thunderbird | lt | 10.0.2 | |
| thunderbird | lt | 3.1.19 | |
| thunderbird esr | lt | 10.0.2 |
Related
openvas
openvas
CentOS Update for libpng CESA-2012:0317 centos5
2012-07-30 00:00:00
Fedora Update for thunderbird FEDORA-2012-1794
2012-08-30 00:00:00
Fedora Update for libpng FEDORA-2012-1922
2012-03-19 00:00:00
nvd
nvd
CVE-2011-3026
2012-02-16 20:55:04
nessus
nessus
RHEL 5 / 6 : xulrunner (RHSA-2012:0143)
2012-02-17 00:00:00
CentOS 4 : seamonkey (CESA-2012:0141)
2012-02-17 00:00:00
suse
suse
Security update for libpng (important)
2012-02-28 22:37:10
mozilla-xulrunner192: 1.9.2.27 (important)
2012-02-24 16:08:11
libpng12: Fixed a heap based buffer overflow (important)
2012-02-28 22:36:59
centos
centos
libpng, libpng10 security update
2012-02-20 21:59:45
xulrunner security update
2012-02-17 01:35:23
firefox security update
2012-02-17 01:39:20
oraclelinux
oraclelinux
xulrunner security update
2012-02-16 00:00:00
firefox security update
2012-02-16 00:00:00
libpng security update
2012-02-20 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2012-11
2012-02-22 00:00:00
amazon
amazon
Important: libpng
2012-03-04 16:09:00
fedora
fedora
[SECURITY] Fedora 16 Update: thunderbird-11.0.1-1.fc16
2012-03-31 03:13:41
[SECURITY] Fedora 17 Update: libpng10-1.0.57-1.fc17
2012-02-28 11:00:27
[SECURITY] Fedora 16 Update: libpng-1.2.46-2.fc16
2012-02-21 01:29:44
redhat
redhat
(RHSA-2012:0317) Important: libpng security update
2012-02-20 00:00:00
(RHSA-2012:0143) Critical: xulrunner security update
2012-02-16 00:00:00
(RHSA-2012:0140) Critical: thunderbird security update
2012-02-16 00:00:00
ubuntu
ubuntu
Xulrunner vulnerability
2012-02-17 00:00:00
Thunderbird vulnerability
2012-02-17 00:00:00
Firefox vulnerability
2012-02-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-11-27 06:57:22
ubuntucve
ubuntucve
CVE-2011-3026
2012-02-16 00:00:00
cert
cert
libpng chunk decompression integer overflow vulnerability
2012-02-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package libpng version 1.2.47-alt1
2012-02-20 00:00:00
debian
debian
[SECURITY] [DSA 2410-1] libpng security update
2012-02-15 20:44:25
checkpoint_advisories
checkpoint_advisories
libpng png_decompress_chunk Integer Overflow - ver 2 (CVE-2011-3026)
2012-05-10 00:00:00
libpng png_decompress_chunk Integer Overflow (CVE-2011-3026)
2012-05-14 00:00:00
freebsd
freebsd
mozilla -- heap-buffer overflow
2012-02-16 00:00:00
cvelist
cvelist
CVE-2011-3026
2012-02-16 20:00:00
prion
prion
Integer overflow
2012-02-16 20:55:00
Integer overflow
2012-03-22 16:55:00
cve
cve
CVE-2011-3026
2012-02-16 20:55:04
threatpost
threatpost
Mozilla to Fix Libpng Bug in Firefox and Thunderbird
2012-02-17 18:43:07
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.832 High
EPSS
Percentile
98.5%
Related for MFSA2012-11