Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-2501
Description:The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of- bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-2501
BugTraq ID: 48474
Debian Security Information: DSA-2287 (Google Search)
RedHat Security Advisories: RHSA-2011:1105
XForce ISS Database: libpng-pngerror-dos(68517)

© 1998-2021 E-Soft Inc. All rights reserved.