Vulnerability Details : CVE-2012-3425
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image.
Vulnerability category: Denial of service
Products affected by CVE-2012-3425
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libpng:1.2.2-20:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:libpng:1.2.2-16:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.52:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.50:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.46:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.48:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.53:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.51:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.37:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.38:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.33:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.41:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.45:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.42:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.34:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.35:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.47:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.44:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.43:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.54:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.39:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.40:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.15:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.26:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.22:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.24:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.23:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.25:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.21:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.20:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.28:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.31:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.18:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.17:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.32:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.27:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.30:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.33:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.19:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.16:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.29:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.34:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.57:rc01:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.56:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.57:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.55:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.56:devel:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.0.55:rc01:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.48:betas:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.47:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.43:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.43:devel:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.35:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.46:devel:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.45:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.40:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.39:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.38:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.45:devel:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.44:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.37:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.36:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.47:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.46:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.42:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.2.41:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.7:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.9:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.5:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.10:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.6:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.8:beta:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-3425
1.75%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-3425
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2012-3425
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-3425
-
http://www.openwall.com/lists/oss-security/2012/07/24/3
oss-security - CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668082
#668082 - libpng12-0: libpng-1.2.44 crashes with electric fence memory debugger - Debian Bug report logsThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2815-1
USN-2815-1: libpng vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=blob;f=CHANGES;h=284de253b1561b976291ba7405acd71ae71ff597;hb=refs/heads/libpng10
LIBPNG: PNG reference library / Git tools
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=blob%3Bf=CHANGES%3Bh=284de253b1561b976291ba7405acd71ae71ff597%3Bhb=refs/heads/libpng10
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=blob;f=CHANGES;h=2da5a7a8b690e257f94353b5b49d493cdc385322;hb=refs/heads/libpng14
LIBPNG: PNG reference library / Git tools
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=blob;f=CHANGES;hb=a4b640865ae47986bbe71ecc0e7d5181dcb0bac8
LIBPNG: PNG reference library / Git tools
-
http://www.openwall.com/lists/oss-security/2012/07/24/5
oss-security - Re: CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=blob%3Bf=CHANGES%3Bh=2da5a7a8b690e257f94353b5b49d493cdc385322%3Bhb=refs/heads/libpng14
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=blob%3Bf=CHANGES%3Bh=73e2ffd6a1471f2144d0ce7165d7323cb109f10f%3Bhb=refs/heads/libpng15
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=blob%3Bf=CHANGES%3Bhb=a4b640865ae47986bbe71ecc0e7d5181dcb0bac8
-
http://lists.opensuse.org/opensuse-updates/2012-08/msg00004.html
openSUSE-SU-2012:0934-1: moderate: libpng14 (CVE-2012-3425)Third Party Advisory
-
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=blob;f=CHANGES;h=73e2ffd6a1471f2144d0ce7165d7323cb109f10f;hb=refs/heads/libpng15
LIBPNG: PNG reference library / Git tools
Jump to