CVE-2011-3026

Published: 16 February 2012

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (17.0.963.56)
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (10.0.2)
libpng
Launchpad, Ubuntu, Debian
Upstream
Released (1.2.46-5)
Patches:
Other: http://src.chromium.org/viewvc/chrome/branches/963/src/third_party/libpng/pngrutil.c?view=patch&r1=121492&r2=121491&pathrev=121492
Vendor: http://www.debian.org/security/2012/dsa-2410
thunderbird
Launchpad, Ubuntu, Debian
Upstream
Released (3.1.19, 10.0.2)
xulrunner-1.9.2
Launchpad, Ubuntu, Debian
Upstream Needs triage