Oval Definition:	oval:com.ubuntu.precise:def:20112501000
Revision Date: 2011-07-17 Version: 1 Title: CVE-2011-2501 on Ubuntu 12.04 LTS (precise) - low. Description: The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources. Family: unix Class: vulnerability Status: Reference(s): CVE-2011-2501 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information NOT While related to the CVE in some way, the 'chromium-browser' package in precise is not affected (note: '14.0.835.202~r103287-0ubuntu1'). OR The 'firefox' package in precise was vulnerable but has been fixed (note: '8.0~b4+build1-0ubuntu2'). OR NOT While related to the CVE in some way, the 'libpng' package in precise is not affected (note: '1.2.46-3ubuntu1').
BACK