CVE-2011-3328
CVE-2011-3328 is a low-severity vulnerability in Greg Roelofs Libpng with a CVSS 2.0 base score of 2.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Low (CVSS 2.0 base score 2.6)
- EPSS exploit prediction: 4% (89th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Greg Roelofs Libpng
- Published:
- Last modified:
Description
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value.
Frequently asked questions
- What is CVE-2011-3328?
- The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value.
- How severe is CVE-2011-3328?
- CVE-2011-3328 has a CVSS 2.0 base score of 2.6, rated low severity.
- Is CVE-2011-3328 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 4% (89th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2011-3328?
- CVE-2011-3328 affects Greg Roelofs Libpng. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2011-3328?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2011-3328 published?
- CVE-2011-3328 was published on 2012-01-17 and last updated on 2026-06-16.
References
- http://libpng.org/pub/png/libpng.html
- http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
- http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
- http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
- http://sourceforge.net/tracker/index.php?func=detail&aid=3406145&group_id=5624&atid=105624
- http://support.apple.com/kb/HT5130
- http://support.apple.com/kb/HT5281
- http://support.apple.com/kb/HT5503
- http://www.kb.cert.org/vuls/id/477046
- https://bugzilla.redhat.com/show_bug.cgi?id=740864
Affected products (1)
- cpe:2.3:a:greg_roelofs:libpng:1.5.4:*:*:*:*:*:*:*
More vulnerabilities in Greg Roelofs Libpng
- CVE-2004-0597 — Critical (CVSS 10.0): Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute…
- CVE-2006-3334 — High (CVSS 7.5): Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent…
- CVE-2002-1363 — High (CVSS 7.5): Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows…
- CVE-2002-0660 — High (CVSS 7.5): Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating…
- CVE-2006-0481 — Medium (CVSS 5.0): Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a…
- CVE-2004-0598 — Medium (CVSS 5.0): The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service…