Search for vulnerabilities
Vulnerability details: VCID-w8zp-k3cq-aaak
Vulnerability ID VCID-w8zp-k3cq-aaak
Aliases CVE-2011-3026
Summary CVE-2011-3026 libpng: Heap buffer overflow in png_decompress_chunk (MFSA 2012-11)
Status Published
Exploitability 2.0
Weighted Severity 9.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-190 Integer Overflow or Wraparound
CWE-122 Heap-based Buffer Overflow
System Score Found at
generic_textual Medium http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
rhas Critical https://access.redhat.com/errata/RHSA-2012:0140
rhas Critical https://access.redhat.com/errata/RHSA-2012:0141
rhas Critical https://access.redhat.com/errata/RHSA-2012:0142
rhas Critical https://access.redhat.com/errata/RHSA-2012:0143
rhas Important https://access.redhat.com/errata/RHSA-2012:0317
epss 0.19895 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.19895 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.29689 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.42915 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.42915 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.42915 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.42915 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.49141 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.80174 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.80174 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.80174 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.80174 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.80174 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
epss 0.83188 https://api.first.org/data/v1/epss?cve=CVE-2011-3026
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=790737
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2011-3026
generic_textual Medium http://support.apple.com/kb/HT5503
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2012-11
Reference id Reference type URL
http://code.google.com/p/chromium/issues/detail?id=112822
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00023.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3026.json
https://api.first.org/data/v1/epss?cve=CVE-2011-3026
http://secunia.com/advisories/48016
http://secunia.com/advisories/48110
http://secunia.com/advisories/49660
http://security.gentoo.org/glsa/glsa-201206-15.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15032
http://support.apple.com/kb/HT5501
http://support.apple.com/kb/HT5503
790737 https://bugzilla.redhat.com/show_bug.cgi?id=790737
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:sp2:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:sp2:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:vmware:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:vmware:*:*
CVE-2011-3026 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
CVE-2011-3026 https://nvd.nist.gov/vuln/detail/CVE-2011-3026
GLSA-201206-15 https://security.gentoo.org/glsa/201206-15
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2012-11 https://www.mozilla.org/en-US/security/advisories/mfsa2012-11
RHSA-2012:0140 https://access.redhat.com/errata/RHSA-2012:0140
RHSA-2012:0141 https://access.redhat.com/errata/RHSA-2012:0141
RHSA-2012:0142 https://access.redhat.com/errata/RHSA-2012:0142
RHSA-2012:0143 https://access.redhat.com/errata/RHSA-2012:0143
RHSA-2012:0317 https://access.redhat.com/errata/RHSA-2012:0317
USN-1367-1 https://usn.ubuntu.com/1367-1/
USN-1367-2 https://usn.ubuntu.com/1367-2/
USN-1367-3 https://usn.ubuntu.com/1367-3/
USN-1367-4 https://usn.ubuntu.com/1367-4/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2011-3026
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.95128
EPSS Score 0.19895
Published At May 18, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.