Test ID:	1.3.6.1.4.1.25623.1.0.70021
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2011:1103
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2011:1103. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. An uninitialized memory read issue was found in the way libpng processed certain PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. (CVE-2011-2692) Users of libpng and libpng10 should upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using libpng or libpng10 must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2011-1103.html Risk factor : Medium CVSS Score: 4.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2692 45046 http://secunia.com/advisories/45046 45405 http://secunia.com/advisories/45405 45415 http://secunia.com/advisories/45415 45445 http://secunia.com/advisories/45445 45460 http://secunia.com/advisories/45460 45461 http://secunia.com/advisories/45461 45492 http://secunia.com/advisories/45492 48618 http://www.securityfocus.com/bid/48618 49660 http://secunia.com/advisories/49660 APPLE-SA-2011-10-12-3 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html APPLE-SA-2012-05-09-1 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html DSA-2287 http://www.debian.org/security/2011/dsa-2287 FEDORA-2011-9336 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html GLSA-201206-15 http://security.gentoo.org/glsa/glsa-201206-15.xml MDVSA-2011:151 http://www.mandriva.com/security/advisories?name=MDVSA-2011:151 RHSA-2011:1103 http://www.redhat.com/support/errata/RHSA-2011-1103.html RHSA-2011:1104 http://www.redhat.com/support/errata/RHSA-2011-1104.html RHSA-2011:1105 http://www.redhat.com/support/errata/RHSA-2011-1105.html USN-1175-1 http://www.ubuntu.com/usn/USN-1175-1 VU#819894 http://www.kb.cert.org/vuls/id/819894 [oss-security] 20110713 Security issues fixed in libpng 1.5.4 http://www.openwall.com/lists/oss-security/2011/07/13/2 http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339 http://sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement http://support.apple.com/kb/HT5002 http://support.apple.com/kb/HT5281 http://www.libpng.org/pub/png/libpng.html https://bugzilla.redhat.com/show_bug.cgi?id=720612 libpng-png-file-dos(68536) https://exchange.xforce.ibmcloud.com/vulnerabilities/68536
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.