Your submission was sent successfully! Close

CVE-2011-3026

Published: 16 February 2012

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable
(uses system libpng)
maverick Not vulnerable
(uses system libpng)
natty Not vulnerable
(uses system libpng)
oneiric Not vulnerable
(uses system libpng)
upstream
Released (17.0.963.56)
firefox
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid
Released (10.0.2+build1-0ubuntu0.10.04.1)
maverick
Released (10.0.2+build1-0ubuntu0.10.10.1)
natty
Released (10.0.2+build1-0ubuntu0.11.04.1)
oneiric
Released (10.0.2+build1-0ubuntu0.11.10.1)
upstream
Released (10.0.2)
libpng
Launchpad, Ubuntu, Debian
hardy
Released (1.2.15~beta5-3ubuntu0.5)
lucid
Released (1.2.42-1ubuntu2.3)
maverick
Released (1.2.44-1ubuntu0.2)
natty
Released (1.2.44-1ubuntu3.2)
oneiric
Released (1.2.46-3ubuntu1.1)
upstream
Released (1.2.46-5)
thunderbird
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid
Released (3.1.19+build1+nobinonly-0ubuntu0.10.04.1)
maverick
Released (3.1.19+build1+nobinonly-0ubuntu0.10.10.1)
natty
Released (3.1.19+build1+nobinonly-0ubuntu0.11.04.1)
oneiric
Released (11.0+build1-0ubuntu0.11.10.1)
upstream
Released (3.1.19, 10.0.2)
xulrunner-1.9.2
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid
Released (1.9.2.27+build1+nobinonly-0ubuntu0.10.04.1)
maverick
Released (1.9.2.27+build1+nobinonly-0ubuntu0.10.10.1)
natty
Released (1.9.2.27+build1+nobinonly-0ubuntu0.11.04.1)
oneiric Does not exist

upstream Needs triage