Lucene search
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.IBM_INFORMIX_GENERO_2_41.NASLHistoryJan 31, 2013 - 12:00 a.m.
IBM Informix Genero < 2.41 png_decompress_chunk Integer Overflow
2013-01-3100:00:00
This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
55
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.832
Percentile
98.5%
The installed version of IBM Informix Genero is earlier than 2.41 and is, therefore, potentially affected by an integer overflow vulnerability in the libpng library used by this application. When decompressing certain PNG image files, this could be exploited to crash the application or even execute arbitrary code.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(64379);
script_version("1.6");
script_cvs_date("Date: 2019/12/04");
script_cve_id("CVE-2011-3026");
script_bugtraq_id(52049);
script_name(english:"IBM Informix Genero < 2.41 png_decompress_chunk Integer Overflow");
script_summary(english:"Checks version of IBM Informix Genero");
script_set_attribute(attribute:"synopsis", value:
"The remote host has software installed that is potentially affected by
an integer overflow vulnerability.");
script_set_attribute(attribute:"description", value:
"The installed version of IBM Informix Genero is earlier than 2.41 and
is, therefore, potentially affected by an integer overflow vulnerability
in the libpng library used by this application. When decompressing
certain PNG image files, this could be exploited to crash the
application or even execute arbitrary code.");
script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21620982");
# https://www.ibm.com/blogs/psirt/security-bulletin-ibm-informix-genero-vulnerable-to-libpng-chunk-decompression-integer-overflow-vulnerability-cve-2011-3026/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b0c30d9c");
script_set_attribute(attribute:"solution", value:
"Upgrade to IBM Informix Genero 2.41 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2011-3026");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/02/16");
script_set_attribute(attribute:"patch_publication_date", value:"2012/02/16");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/31");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:informix");
script_set_attribute(attribute:"cpe", value:"x-cpe:/a:ibm:informix_genero");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ibm_informix_genero_installed.nasl");
script_require_keys("SMB/IBM_Informix_Genero/Installed");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
appname = 'IBM Informix Genero';
kb_base = "SMB/IBM_Informix_Genero/";
report = '';
fix = "2.41";
num_installed = get_kb_item_or_exit(kb_base + 'NumInstalled');
port = get_kb_item('SMB/transport');
if (!port) port = 445;
for (install_num =0; install_num < num_installed; install_num++)
{
ver = get_kb_item_or_exit(kb_base+install_num+"/Version", exit_code:1);
path = get_kb_item_or_exit(kb_base+install_num+"/Path");
if (ver =~"2\." && ver_compare(ver:ver, fix:fix, strict:FALSE) == -1)
{
report +=
'\n Path : ' + path +
'\n Installed version : ' + ver +
'\n Fixed version : ' + fix + '\n';
}
}
if (report !='')
{
if (report_verbosity > 0) security_hole(port:port, extra:report);
else security_hole(port);
exit(0);
}
else audit(AUDIT_INST_PATH_NOT_VULN, appname);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | informix | cpe:/a:ibm:informix | |
| ibm | informix_genero | x-cpe:/a:ibm:informix_genero |
Related
nessus
nessus
CentOS 4 : seamonkey (CESA-2012:0141)
2012-02-17 00:00:00
Thunderbird 10.x < 10.0.2 png_decompress_chunk Integer Overflow (Mac OS X)
2012-02-21 00:00:00
openvas
openvas
RedHat Update for seamonkey RHSA-2012:0141-01
2012-02-21 00:00:00
RedHat Update for libpng RHSA-2012:0317-01
2012-02-21 00:00:00
Fedora Update for libpng FEDORA-2012-1922
2012-03-19 00:00:00
suse
suse
Security update for libpng (important)
2012-02-28 22:37:10
mozilla-xulrunner192: 1.9.2.27 (important)
2012-02-24 16:08:11
libpng12: Fixed a heap based buffer overflow (important)
2012-02-28 22:36:59
fedora
fedora
[SECURITY] Fedora 17 Update: libpng10-1.0.57-1.fc17
2012-02-28 11:00:27
[SECURITY] Fedora 16 Update: thunderbird-11.0.1-1.fc16
2012-03-31 03:13:41
[SECURITY] Fedora 16 Update: libpng-1.2.46-2.fc16
2012-02-21 01:29:44
centos
centos
libpng, libpng10 security update
2012-02-20 21:59:45
xulrunner security update
2012-02-17 01:35:23
seamonkey security update
2012-02-17 01:42:07
oraclelinux
oraclelinux
xulrunner security update
2012-02-16 00:00:00
firefox security update
2012-02-16 00:00:00
libpng security update
2012-02-20 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2012-11
2012-02-22 00:00:00
redhat
redhat
(RHSA-2012:0143) Critical: xulrunner security update
2012-02-16 00:00:00
(RHSA-2012:0317) Important: libpng security update
2012-02-20 00:00:00
(RHSA-2012:0140) Critical: thunderbird security update
2012-02-16 00:00:00
nvd
nvd
CVE-2011-3026
2012-02-16 20:55:04
amazon
amazon
Important: libpng
2012-03-04 16:09:00
ubuntucve
ubuntucve
CVE-2011-3026
2012-02-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-11-27 06:57:22
ubuntu
ubuntu
Xulrunner vulnerability
2012-02-17 00:00:00
Thunderbird vulnerability
2012-02-17 00:00:00
Firefox vulnerability
2012-02-17 00:00:00
cert
cert
libpng chunk decompression integer overflow vulnerability
2012-02-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package libpng version 1.2.47-alt1
2012-02-20 00:00:00
debian
debian
[SECURITY] [DSA 2410-1] libpng security update
2012-02-15 20:44:25
checkpoint_advisories
checkpoint_advisories
libpng png_decompress_chunk Integer Overflow - ver 2 (CVE-2011-3026)
2012-05-10 00:00:00
libpng png_decompress_chunk Integer Overflow (CVE-2011-3026)
2012-05-14 00:00:00
freebsd
freebsd
mozilla -- heap-buffer overflow
2012-02-16 00:00:00
cvelist
cvelist
CVE-2011-3026
2012-02-16 20:00:00
mozilla
mozilla
libpng integer overflow — Mozilla
2012-02-16 00:00:00
prion
prion
Integer overflow
2012-02-16 20:55:00
Integer overflow
2012-03-22 16:55:00
threatpost
threatpost
Mozilla to Fix Libpng Bug in Firefox and Thunderbird
2012-02-17 18:43:07
cve
cve
CVE-2011-3026
2012-02-16 20:55:04
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.832
Percentile
98.5%
Related for IBM_INFORMIX_GENERO_2_41.NASL