CVE-2011-2691

Name of the Vulnerable Software and Affected Versions libpng versions 1.0.x through 1.0.54 libpng versions 1.2.x through 1.2.44 libpng versions 1.4.x through 1.4.7 libpng versions 1.5.x through 1.5.3

Description The issue allows remote attackers to cause a denial of service, potentially leading to a disruption in confidentiality, integrity, and availability of protected information. This can be achieved through the exploitation of crafted PNG images. The png err function in pngerror.c is specifically affected, as it makes a function call using a NULL pointer argument instead of an empty-string argument.

Recommendations For libpng versions 1.0.x through 1.0.54, update to version 1.0.55 or later. For libpng versions 1.2.x through 1.2.44, update to version 1.2.45 or later. For libpng versions 1.4.x through 1.4.7, update to version 1.4.8 or later. For libpng versions 1.5.x through 1.5.3, update to version 1.5.4 or later.