Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

According to the versions of the syslinux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x     before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer     dereference vectors involving loading a text chunk into a png structure, removing the text, and then     adding another text chunk to the structure.(CVE-2016-10087)

    The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x     before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds     read) via a large avail_in field value in a PNG image.(CVE-2012-3425)

    The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x     before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application     crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message     data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression.NOTE: this is called an off-     by-one error by some sources.(CVE-2011-2501)

    The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x     before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote     attackers to cause a denial of service (memory corruption and application crash) or possibly have     unspecified other impact via a crafted PNG image that triggers the reading of uninitialized     memory.(CVE-2011-2692)

    The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x     before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME     chunk data in an image file, which triggers an out-of-bounds read.(CVE-2015-7981)

    The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8,     and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string     argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG     image.(CVE-2011-2691)

    Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before     1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand     function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have     unspecified other impact, via a crafted PNG image.(CVE-2011-2690)

    The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before     1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute     arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure     that is not properly handled, leading to a heap-based buffer overflow.(CVE-2011-3048)

    Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used     in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of     service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different     vulnerability than CVE-2011-3026.(CVE-2011-3045)

    Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64,     1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19     allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other     impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.(CVE-2015-8126)

    Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x     before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26     allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image,     which triggers an out-of-bounds read.(CVE-2015-8540)

    Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55,     1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause     a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth     value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an     incomplete fix for CVE-2015-8126.(CVE-2015-8472)

    libpng before 1.6.32 does not properly check the length of chunks against the user limit.(CVE-2017-12652)

Tenable has extracted the preceding description block directly from the EulerOS syslinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the syslinux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x     before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application     crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message     data.  NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-     by-one error by some sources.(CVE-2011-2501)

    Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before     1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand     function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have     unspecified other impact, via a crafted PNG image.(CVE-2011-2690)

    The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8,     and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string     argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG     image.(CVE-2011-2691)

    The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x     before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote     attackers to cause a denial of service (memory corruption and application crash) or possibly have     unspecified other impact via a crafted PNG image that triggers the reading of uninitialized     memory.(CVE-2011-2692)

    Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used     in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of     service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different     vulnerability than CVE-2011-3026.(CVE-2011-3045)

    The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before     1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute     arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure     that is not properly handled, leading to a heap-based buffer overflow.(CVE-2011-3048)

    The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x     before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds     read) via a large avail_in field value in a PNG image.(CVE-2012-3425)

    The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x     before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME     chunk data in an image file, which triggers an out-of-bounds read.(CVE-2015-7981)

    Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64,     1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19     allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other     impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.(CVE-2015-8126)

    Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55,     1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause     a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth     value in an IHDR (aka image header) chunk in a PNG image.  NOTE: this vulnerability exists because of an     incomplete fix for CVE-2015-8126.(CVE-2015-8472)

    Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x     before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26     allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image,     which triggers an out-of-bounds read.(CVE-2015-8540)

    The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x     before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer     dereference vectors involving loading a text chunk into a png structure, removing the text, and then     adding another text chunk to the structure.(CVE-2016-10087)

    libpng before 1.6.32 does not properly check the length of chunks against the user limit.(CVE-2017-12652)

Tenable has extracted the preceding description block directly from the EulerOS syslinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

  - libpng: memory corruption flaw (CVE-2011-3048)

  - libpng: Out-of-bounds read in png_convert_to_rfc1123 (CVE-2015-7981)

  - Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used     in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of     service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different     vulnerability than CVE-2011-3026. (CVE-2011-3045)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is installed.

An updated rhev-hypervisor5 package that fixes three security issues and one bug is now available.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.

Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.

A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash. (CVE-2012-1569)

A flaw was found in the way GnuTLS decrypted malformed TLS records.
This could cause a TLS/SSL client or server to crash when processing a specially crafted TLS record from a remote TLS/SSL connection peer.
(CVE-2012-1573)

An integer overflow flaw was found in the implementation of the printf functions family. This could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.
(CVE-2012-0864)

Red Hat would like to thank Matthew Hall of Mu Dynamics for reporting CVE-2012-1569 and CVE-2012-1573.

This updated package provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers :

CVE-2011-4128 (gnutls issue)

CVE-2012-1583 (kernel issue)

CVE-2011-3045 (libpng issue)

CVE-2012-0884 and CVE-2012-1165 (openssl issues)

Further information on the changes made to the package is available on the relevant errata :

https://rhn.redhat.com/errata/RHBA-2012-0398.html

Users of Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package, which fixes these issues.

- Update to 19.0.1079 Security Fixes (bnc#754456) :

  - High CVE-2011-3050: Use-after-free with first-letter     handling

  - High CVE-2011-3045: libpng integer issue from upstream

  - High CVE-2011-3051: Use-after-free in CSS cross-fade     handling

  - High CVE-2011-3052: Memory corruption in WebGL canvas     handling

  - High CVE-2011-3053: Use-after-free in block splitting

  - Low CVE-2011-3054: Apply additional isolations to webui     privileges

  - Low CVE-2011-3055: Prompt in the browser native UI for     unpacked extension installation

  - High CVE-2011-3056: Cross-origin violation with     &ldquo;magic iframe&rdquo;.

  - Low CVE-2011-3049: Extension web request API can     interfere with system requests Other Fixes :

  - The short-cut key for caps lock (Shift + Search) is     disabled when an accessibility screen reader is enabled

  - Fixes an issue with files not being displayed in File     Manager when some file names contain UTF-8 characters     (generally accented characters)

  - Fixed dialog boxes in settings. (Issue: 118031)

  - Fixed flash videos turning white on mac when running     with 

    --disable-composited-core-animation-plugins (Issue:
    117916) 

  - Change to look for correctly sized favicon when multiple     images are provided. (Issue: 118275)

  - Fixed issues - 116044, 117470, 117068, 117668, 118620

  - Update to 19.0.1077

  - Update to 19.0.1074

  - Build Chromium on openSUSE > 12.1 with the gold linker 

  - Fix build issues with GCC 4.7

  - Update to 19.0.1071

  - Several fixes and improvements in the new Settings,     Extensions, and Help pages.

  - Fixed the flashing when switched between composited and     non-composited mode. [Issue: 116603]

  - Fixed stability issues 116913, 117217, 117347, 117081

specially crafted png files could cause a buffer overflow in libpng

A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3045)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0407 advisory.

    [2:1.2.48-1]
    - Update to libpng 1.2.48, for minor security issues (CVE-2011-3045)     Resolves: #801663

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.

A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3045)

Users of libpng should upgrade to these updated packages, which correct this issue. For Scientific Linux 5, they contain a backported patch. For Scientific Linux 6, they upgrade libpng to version 1.2.48.
All running applications using libpng must be restarted for the update to take effect.

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

The remote host is affected by the vulnerability described in GLSA-201206-15 (libpng: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in libpng:
      The &ldquo;embedded_profile_len()&rdquo; function in pngwutil.c does not         check for negative values, resulting in a memory leak (CVE-2009-5063).
      The &ldquo;png_format_buffer()&rdquo; function in pngerror.c contains an         off-by-one error (CVE-2011-2501).
      The &ldquo;png_rgb_to_gray()&rdquo; function in pngrtran.c contains an         integer overflow error (CVE-2011-2690).
      The &ldquo;png_err()&rdquo; function in pngerror.c contains a NULL pointer         dereference error (CVE-2011-2691).
      The &ldquo;png_handle_sCAL()&rdquo; function in pngrutil.c improperly handles         malformed sCAL chunks(CVE-2011-2692).
      The &ldquo;png_decompress_chunk()&rdquo; function in pngrutil.c contains an         integer overflow error (CVE-2011-3026).
      The &ldquo;png_inflate()&rdquo; function in pngrutil.c contains and out of         bounds error (CVE-2011-3045).
      The &ldquo;png_set_text_2()&rdquo; function in pngset.c contains an error         which could result in memory corruption (CVE-2011-3048).
      The &ldquo;png_formatted_warning()&rdquo; function in pngerror.c contains an         off-by-one error (CVE-2011-3464).
  Impact :

    An attacker could exploit these vulnerabilities to execute arbitrary       code with the permissions of the user running the vulnerable program,       which could be the root user, or to cause programs linked against the       library to crash.
  Workaround :

    There is no known workaround at this time.

Update to latest versions for minor security fixes

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that libpng did not properly process compressed chunks. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program.

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Google Chrome Releases reports :

[113902] High CVE-2011-3050: Use-after-free with first-letter handling. Credit to miaubiz.

[116162] High CVE-2011-3045: libpng integer issue from upstream.
Credit to Glenn Randers-Pehrson of the libpng project.

[116461] High CVE-2011-3051: Use-after-free in CSS cross-fade handling. Credit to Arthur Gerkis.

[116637] High CVE-2011-3052: Memory corruption in WebGL canvas handling. Credit to Ben Vanik of Google.

[116746] High CVE-2011-3053: Use-after-free in block splitting. Credit to miaubiz.

[117418] Low CVE-2011-3054: Apply additional isolations to webui privileges. Credit to Sergey Glazunov.

[117736] Low CVE-2011-3055: Prompt in the browser native UI for unpacked extension installation. Credit to PinkiePie.

[117550] High CVE-2011-3056: Cross-origin violation with 'magic iframe'. Credit to Sergey Glazunov.

[117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

[108648] Low CVE-2011-3049: Extension web request API can interfere with system requests. Credit to Michael Gundlach. Fixed in an earlier release.

Glenn-Randers Pehrson discovered an buffer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed.

The version of Google Chrome installed on the remote host is earlier than 17.0.963.83 and is, therefore, affected by the following vulnerabilities :

  - An unspecified integer issue exists in libpng.
    (CVE-2011-3045)

  - An error exists related to the extension web request     API that could allow denial of service attacks.
    Note this issue was corrected in a previous, unspecified     release. (CVE-2011-3049)

  - Use-after-free errors exist related to 'first-letter'     handling, CSS cross-fade handling and block splitting.
    (CVE-2011-3050, CVE-2011-3051, CVE-2011-3053)

  - A memory corruption error exists related to WebGL     canvas handling. (CVE-2011-3052)

  - An error exists related to webui privilege isolation.
    (CVE-2011-3054)

  - Installation of unpacked extensions does not use the     application's native user interface for prompts.
    (CVE-2011-3055)

  - A cross-origin violation is possible with 'magic iframe'.
    (CVE-2011-3056)

  - The v8 JavaScript engine could allow invalid reads to     take place. (CVE-2011-3057)

A vulnerability has been found and corrected in libpng :

A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2011-3045).

The updated packages have been patched to correct this issue.

Versions of Google Chrome earlier than 17.0.963.83 are potentially affected by the following vulnerabilities :

  - An unspecified integer issue exists in libpng. (CVE-2011-3045)

  - Use-after-free errors exist related to 'first-letter' handling, CSS cross-fade handling and block splitting. (CVE-2011-3050, CVE_2011-3051, CVE-2011-3053)

  - A memory corruption error exists related to WebGL canvas handling. (CVE-2011-3052)

  - An error exists related to webui privilege isolation. (CVE-2011-3054)

  - Installation of unpacked extensions does not use the application's native user interface for prompts. (CVE-2011-3055)

  - A cross-origin violation is possible with 'magic iframe'. (CVE-2011-3056)

  - The v8 JavaScript engine can allow invalid reads to take place. (CVE-2011-3057)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0407 advisory.

    The libpng packages contain a library of functions for creating and     manipulating PNG (Portable Network Graphics) image format files.

    A heap-based buffer overflow flaw was found in the way libpng processed     compressed chunks in PNG image files. An attacker could create a     specially-crafted PNG image file that, when opened, could cause an     application using libpng to crash or, possibly, execute arbitrary code with     the privileges of the user running the application. (CVE-2011-3045)

    Users of libpng should upgrade to these updated packages, which correct     this issue. For Red Hat Enterprise Linux 5, they contain a backported     patch. For Red Hat Enterprise Linux 6, they upgrade libpng to version     1.2.48. All running applications using libpng must be restarted for the     update to take effect.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Updated libpng packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.

A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3045)

Users of libpng should upgrade to these updated packages, which correct this issue. For Red Hat Enterprise Linux 5, they contain a backported patch. For Red Hat Enterprise Linux 6, they upgrade libpng to version 1.2.48. All running applications using libpng must be restarted for the update to take effect.

A type conversion flaw leading to an out-of-bounds heap buffer read was found in the way libpng10, a library of functions for manipulation PNG image format files, performed expansion of certain iCCP, iTXt, and zTXt PNG image file chunks.

A remote attacker could provide a specially crafted Portable Network Graphics (PNG) image file, which once opened in an application, linked against libpng10, could lead to denial of service or in some cases, execution of arbitrary code without permission of the user running such an application.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
210632	EulerOS 2.0 SP10 : syslinux (EulerOS-SA-2024-2915)	Nessus	Huawei Local Security Checks	critical
210631	EulerOS 2.0 SP9 : syslinux (EulerOS-SA-2024-2839)	Nessus	Huawei Local Security Checks	critical
199569	RHEL 4 : libpng (Unpatched Vulnerability)	Nessus	Red Hat Local Security Checks	medium
79286	RHEL 5 : rhev-hypervisor5 (RHSA-2012:0488)	Nessus	Red Hat Local Security Checks	medium
74587	openSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0466-1)	Nessus	SuSE Local Security Checks	medium
74583	openSUSE Security Update : libpng12 / libpng14 (openSUSE-SU-2012:0432-1)	Nessus	SuSE Local Security Checks	medium
69663	Amazon Linux AMI : libpng (ALAS-2012-56)	Nessus	Amazon Linux Local Security Checks	medium
68499	Oracle Linux 5 / 6 : libpng (ELSA-2012-0407)	Nessus	Oracle Linux Local Security Checks	high
61286	Scientific Linux Security Update : libpng on SL5.x, SL6.x i386/x86_64 (20120320)	Nessus	Scientific Linux Local Security Checks	medium
60112	Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2012-206-01)	Nessus	Slackware Local Security Checks	medium
59668	GLSA-201206-15 : libpng: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
58544	Fedora 15 : libpng-1.2.48-1.fc15 (2012-3705)	Nessus	Fedora Local Security Checks	medium
58465	Fedora 16 : libpng-1.2.48-1.fc16 (2012-3739)	Nessus	Fedora Local Security Checks	medium
58443	Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : libpng vulnerability (USN-1402-1)	Nessus	Ubuntu Local Security Checks	medium
58438	FreeBSD : chromium -- multiple vulnerabilities (330106da-7406-11e1-a1d7-00262d5ed8ee)	Nessus	FreeBSD Local Security Checks	high
58437	Debian DSA-2439-1 : libpng - buffer overflow	Nessus	Debian Local Security Checks	medium
58434	Google Chrome < 17.0.963.83 Multiple Vulnerabilities	Nessus	Windows	high
58424	Mandriva Linux Security Advisory : libpng (MDVSA-2012:033)	Nessus	Mandriva Local Security Checks	medium
800954	Google Chrome < 17.0.963.83 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
6356	Google Chrome < 17.0.963.83 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
58407	RHEL 5 / 6 : libpng (RHSA-2012:0407)	Nessus	Red Hat Local Security Checks	high
58404	CentOS 5 / 6 : libpng (CESA-2012:0407)	Nessus	CentOS Local Security Checks	medium
58375	Fedora 17 : libpng-1.5.9-1.fc17 (2012-3605)	Nessus	Fedora Local Security Checks	medium
58374	Fedora 16 : libpng10-1.0.58-1.fc16 (2012-3545)	Nessus	Fedora Local Security Checks	medium
58373	Fedora 15 : libpng10-1.0.58-1.fc15 (2012-3536)	Nessus	Fedora Local Security Checks	medium
58336	Fedora 17 : libpng10-1.0.58-1.fc17 (2012-3507)	Nessus	Fedora Local Security Checks	medium

Detections

Analytics

CVE-2011-3045

high

Tenable Plugins

critical

critical

medium

medium

medium

medium

medium

high

medium

medium

high

medium

medium

medium

high

medium

high

medium

high

high

high

medium

medium

medium

medium

medium