CVE-2011-3048 in Apple iOSinfo

Summary

The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.

Reservation

08/09/2011

Disclosure

05/29/2012

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
6340	Apple iOS ImageIO memory corruption	119	Unproven	Official fix	CVE-2011-3048
5016	Greg Roelofs libpng pngset.c memory corruption	119	Unproven	Official fix	CVE-2011-3048

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!