Launchpad.net

CVE 2011-3045

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

Related bugs and status

CVE-2011-3045 (Candidate) is related to these bugs:

Bug #961831: Update to 17.0.963.83

		In	Importance	Status
961831	Update to 17.0.963.83	chromium-browser (Ubuntu)	Medium	Fix Released
961831	Update to 17.0.963.83	chromium-browser (Ubuntu Natty)	Medium	Fix Released
961831	Update to 17.0.963.83	chromium-browser (Ubuntu Oneiric)	Medium	Fix Released
961831	Update to 17.0.963.83	chromium-browser (Ubuntu Precise)	Medium	Fix Released
961831	Update to 17.0.963.83	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
961831	Update to 17.0.963.83	chromium-browser (Ubuntu Maverick)	Medium	Fix Released

Bug #968901: Please update to 18.0.1025.142

		In	Importance	Status
968901	Please update to 18.0.1025.142	chromium-browser (Ubuntu)	Medium	Fix Released
968901	Please update to 18.0.1025.142	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
968901	Please update to 18.0.1025.142	chromium-browser (Ubuntu Maverick)	Medium	Fix Released
968901	Please update to 18.0.1025.142	chromium-browser (Ubuntu Natty)	Medium	Fix Released
968901	Please update to 18.0.1025.142	chromium-browser (Ubuntu Oneiric)	Medium	Fix Released
968901	Please update to 18.0.1025.142	chromium-browser (Ubuntu Precise)	Medium	Fix Released

Bug #977502: Please update to 18.0.1025.151

		In	Importance	Status
977502	Please update to 18.0.1025.151	chromium-browser (Ubuntu)	Medium	Fix Released
977502	Please update to 18.0.1025.151	chromium-browser (Ubuntu Natty)	Medium	Fix Released
977502	Please update to 18.0.1025.151	chromium-browser (Ubuntu Oneiric)	Medium	Fix Released
977502	Please update to 18.0.1025.151	chromium-browser (Ubuntu Precise)	Medium	Fix Released
977502	Please update to 18.0.1025.151	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
977502	Please update to 18.0.1025.151	chromium-browser (Ubuntu Maverick)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://code.google.com...
CONFIRM: http://googlechromerel...
CONFIRM: http://libpng.git.sour...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2012-3705
FEDORA: FEDORA-2012-3739
SUSE: openSUSE-SU-2012:0432
SECUNIA: 48320
SECUNIA: 48485
SECUNIA: 48512
SECUNIA: 48554
GENTOO: GLSA-201206-15
SECUNIA: 49660
SECTRACK: 1026823
REDHAT: RHSA-2012:0488
CONFIRM: http://src.chromium.or...
OVAL: oval:org.mitre.oval:de...
MANDRIVA: MDVSA-2012:033
FEDORA: FEDORA-2012-3507
FEDORA: FEDORA-2012-3536
FEDORA: FEDORA-2012-3545
FEDORA: FEDORA-2012-3605
DEBIAN: DSA-2439
REDHAT: RHSA-2012:0407
SUSE: openSUSE-SU-2012:0466