Executive Summary
Summary | |
---|---|
Title | libpng: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201206-15 | First vendor Publication | 2012-06-22 |
Vendor | Gentoo | Last vendor Modification | 2012-06-22 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities in libpng might allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Background Description * The "embedded_profile_len()" function in pngwutil.c does not check for negative values, resulting in a memory leak (CVE-2009-5063). Impact Workaround Resolution All libpng 1.2 users should upgrade to the latest version: Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages. References Availability http://security.gentoo.org/glsa/glsa-201206-15.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201206-15.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
22 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
22 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
11 % | CWE-476 | NULL Pointer Dereference |
11 % | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory Leak') |
11 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
11 % | CWE-125 | Out-of-bounds Read |
11 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12578 | |||
Oval ID: | oval:org.mitre.oval:def:12578 | ||
Title: | DSA-2287-1 libpng -- several | ||
Description: | The PNG library libpng has been affected by several vulnerabilities. The most critical one is the identified as CVE-2011-2690. Using this vulnerability, an attacker is able to overwrite memory with an arbitrary amount of data controlled by her via a crafted PNG image. The other vulnerabilities are less critical and allow an attacker to cause a crash in the program via a crafted PNG image. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2287-1 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14109 | |||
Oval ID: | oval:org.mitre.oval:def:14109 | ||
Title: | USN-1175-1 -- libpng vulnerabilities | ||
Description: | libpng: PNG file library Libpng could be made to run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1175-1 CVE-2011-2501 CVE-2011-2690 CVE-2011-2692 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14763 | |||
Oval ID: | oval:org.mitre.oval:def:14763 | ||
Title: | Integer signedness error in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||
Description: | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3045 | Version: | 14 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14990 | |||
Oval ID: | oval:org.mitre.oval:def:14990 | ||
Title: | USN-1367-2 -- Firefox vulnerability | ||
Description: | firefox: Mozilla Open Source web browser Details: USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Firefox. Original advisory Firefox could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1367-2 CVE-2011-3026 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | Firefox |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15032 | |||
Oval ID: | oval:org.mitre.oval:def:15032 | ||
Title: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3026 | Version: | 13 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Google Chrome |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15182 | |||
Oval ID: | oval:org.mitre.oval:def:15182 | ||
Title: | USN-1367-4 -- Xulrunner vulnerability | ||
Description: | xulrunner-1.9.2: Mozilla Gecko runtime environment Details: USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Xulrunner. Original advisory Xulrunner based applications could be made to crash or run programs as your login if they opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1367-4 CVE-2011-3026 | Version: | 5 |
Platform(s): | Ubuntu 10.10 Ubuntu 10.04 | Product(s): | Xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15399 | |||
Oval ID: | oval:org.mitre.oval:def:15399 | ||
Title: | DSA-2439-1 libpng -- buffer overflow | ||
Description: | Glenn-Randers Pehrson discovered an buffer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2439-1 CVE-2011-3045 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libpng |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15410 | |||
Oval ID: | oval:org.mitre.oval:def:15410 | ||
Title: | DSA-2410-1 libpng -- integer overflow | ||
Description: | Jueri Aedla discovered an integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2410-1 CVE-2011-3026 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libpng |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15431 | |||
Oval ID: | oval:org.mitre.oval:def:15431 | ||
Title: | USN-1367-1 -- libpng vulnerabilities | ||
Description: | libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1367-1 CVE-2009-5063 CVE-2011-3026 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15481 | |||
Oval ID: | oval:org.mitre.oval:def:15481 | ||
Title: | USN-1367-3 -- Thunderbird vulnerability | ||
Description: | thunderbird: Mozilla Open Source mail and newsgroup client Details: USN-1367-1 fixed vulnerabilities in libpng. This provides the corresponding update for Thunderbird. Original advisory Thunderbird could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1367-3 CVE-2011-3026 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | Thunderbird |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15482 | |||
Oval ID: | oval:org.mitre.oval:def:15482 | ||
Title: | USN-1402-1 -- libpng vulnerability | ||
Description: | libpng: PNG file library libpng could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1402-1 CVE-2011-3045 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15485 | |||
Oval ID: | oval:org.mitre.oval:def:15485 | ||
Title: | USN-1369-1 -- Thunderbird vulnerabilities | ||
Description: | thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1369-1 CVE-2012-0449 CVE-2012-0444 CVE-2012-0447 CVE-2012-0446 CVE-2011-3659 CVE-2012-0445 CVE-2012-0442 CVE-2012-0443 CVE-2012-0452 CVE-2011-3026 | Version: | 5 |
Platform(s): | Ubuntu 11.10 | Product(s): | Thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17240 | |||
Oval ID: | oval:org.mitre.oval:def:17240 | ||
Title: | USN-1417-1 -- libpng vulnerability | ||
Description: | libpng could be made to crash or run programs as your login if it opened a specially crafted file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1417-1 CVE-2011-3048 | Version: | 7 |
Platform(s): | Ubuntu 11.10 Ubuntu 11.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 8.04 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19653 | |||
Oval ID: | oval:org.mitre.oval:def:19653 | ||
Title: | DSA-2446-1 libpng - incorrect memory handling | ||
Description: | It was discovered that incorrect memory handling in the png_set_text2() function of the PNG library could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2446-1 CVE-2011-3048 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20704 | |||
Oval ID: | oval:org.mitre.oval:def:20704 | ||
Title: | RHSA-2012:0523: libpng security update (Moderate) | ||
Description: | The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0523-01 CESA-2012:0523 CVE-2011-3048 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20792 | |||
Oval ID: | oval:org.mitre.oval:def:20792 | ||
Title: | RHSA-2012:0407: libpng security update (Moderate) | ||
Description: | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0407-01 CESA-2012:0407 CVE-2011-3045 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21128 | |||
Oval ID: | oval:org.mitre.oval:def:21128 | ||
Title: | RHSA-2012:0140: thunderbird security update (Critical) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0140-01 CESA-2012:0140 CVE-2011-3026 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21187 | |||
Oval ID: | oval:org.mitre.oval:def:21187 | ||
Title: | RHSA-2012:0143: xulrunner security update (Critical) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0143-01 CESA-2012:0143 CVE-2011-3026 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21349 | |||
Oval ID: | oval:org.mitre.oval:def:21349 | ||
Title: | RHSA-2012:0317: libpng security update (Important) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0317-01 CESA-2012:0317 CVE-2011-3026 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | libpng libpng10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21411 | |||
Oval ID: | oval:org.mitre.oval:def:21411 | ||
Title: | RHSA-2011:1105: libpng security update (Moderate) | ||
Description: | The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1105-01 CVE-2011-2501 CVE-2011-2690 CVE-2011-2692 | Version: | 42 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21953 | |||
Oval ID: | oval:org.mitre.oval:def:21953 | ||
Title: | RHSA-2011:1104: libpng security update (Moderate) | ||
Description: | The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1104-01 CESA-2011:1104 CVE-2011-2690 CVE-2011-2692 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | libpng |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22741 | |||
Oval ID: | oval:org.mitre.oval:def:22741 | ||
Title: | ELSA-2011:1104: libpng security update (Moderate) | ||
Description: | The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1104-01 CVE-2011-2690 CVE-2011-2692 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | libpng |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22849 | |||
Oval ID: | oval:org.mitre.oval:def:22849 | ||
Title: | ELSA-2011:1105: libpng security update (Moderate) | ||
Description: | The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1105-01 CVE-2011-2501 CVE-2011-2690 CVE-2011-2692 | Version: | 17 |
Platform(s): | Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22904 | |||
Oval ID: | oval:org.mitre.oval:def:22904 | ||
Title: | DEPRECATED: ELSA-2012:0523: libpng security update (Moderate) | ||
Description: | The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0523-01 CVE-2011-3048 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22984 | |||
Oval ID: | oval:org.mitre.oval:def:22984 | ||
Title: | DEPRECATED: ELSA-2012:0317: libpng security update (Important) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0317-01 CVE-2011-3026 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng libpng10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23137 | |||
Oval ID: | oval:org.mitre.oval:def:23137 | ||
Title: | DEPRECATED: ELSA-2012:0407: libpng security update (Moderate) | ||
Description: | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0407-01 CVE-2011-3045 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23235 | |||
Oval ID: | oval:org.mitre.oval:def:23235 | ||
Title: | DEPRECATED: ELSA-2012:0143: xulrunner security update (Critical) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0143-01 CVE-2011-3026 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23341 | |||
Oval ID: | oval:org.mitre.oval:def:23341 | ||
Title: | ELSA-2012:0523: libpng security update (Moderate) | ||
Description: | The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0523-01 CVE-2011-3048 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23711 | |||
Oval ID: | oval:org.mitre.oval:def:23711 | ||
Title: | ELSA-2012:0317: libpng security update (Important) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0317-01 CVE-2011-3026 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng libpng10 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23751 | |||
Oval ID: | oval:org.mitre.oval:def:23751 | ||
Title: | ELSA-2012:0407: libpng security update (Moderate) | ||
Description: | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0407-01 CVE-2011-3045 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23786 | |||
Oval ID: | oval:org.mitre.oval:def:23786 | ||
Title: | ELSA-2012:0143: xulrunner security update (Critical) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0143-01 CVE-2011-3026 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | xulrunner |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23849 | |||
Oval ID: | oval:org.mitre.oval:def:23849 | ||
Title: | ELSA-2012:0140: thunderbird security update (Critical) | ||
Description: | Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0140-01 CVE-2011-3026 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27429 | |||
Oval ID: | oval:org.mitre.oval:def:27429 | ||
Title: | DEPRECATED: ELSA-2011-1105 -- libpng security update (moderate) | ||
Description: | [2:1.2.46-1] - Update to libpng 1.2.46, includes fixes for CVE-2011-2501, CVE-2011-2690, CVE-2011-2691, CVE-2011-2692 Resolves: #721305 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1105 CVE-2011-2501 CVE-2011-2690 CVE-2011-2692 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27462 | |||
Oval ID: | oval:org.mitre.oval:def:27462 | ||
Title: | DEPRECATED: ELSA-2012-0523 -- libpng security update (moderate) | ||
Description: | [2:1.2.49-1] - Update to libpng 1.2.49, for minor security issues (CVE-2011-3048) Resolves: #812714 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0523 CVE-2011-3048 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27649 | |||
Oval ID: | oval:org.mitre.oval:def:27649 | ||
Title: | DEPRECATED: ELSA-2012-0140 -- thunderbird security update (critical) | ||
Description: | [3.1.18-2.0.1.el6_2] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball [3.1.18-2] - added fix for mozbz#727401 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0140 CVE-2011-3026 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27682 | |||
Oval ID: | oval:org.mitre.oval:def:27682 | ||
Title: | DEPRECATED: ELSA-2012-0407 -- libpng security update (moderate) | ||
Description: | [2:1.2.48-1] - Update to libpng 1.2.48, for minor security issues (CVE-2011-3045) Resolves: #801663 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0407 CVE-2011-3045 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | libpng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27815 | |||
Oval ID: | oval:org.mitre.oval:def:27815 | ||
Title: | DEPRECATED: ELSA-2012-0143 -- xulrunner security update (critical) | ||
Description: | [1.9.2.26-2.0.1.el6_2] - Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js [1.9.2.26-2] - added fix for mozbz#727401 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0143 CVE-2011-3026 | Version: | 4 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | xulrunner |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:28036 | |||
Oval ID: | oval:org.mitre.oval:def:28036 | ||
Title: | DEPRECATED: ELSA-2011-1104 -- libpng security update (moderate) | ||
Description: | [2:1.2.10-7.1.el5_7.5] - Install the correct fix for CVE-2011-2690 Resolves: #721303 [2:1.2.10-7.1.el5_7.4] - Back-port fixes for CVE-2011-2690, CVE-2011-2692 Note: CVE-2011-2691, announced at the same time, does not apply to 1.2.10; likewise for CVE-2011-2501 Resolves: #721303 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1104 CVE-2011-2690 CVE-2011-2692 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | libpng |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2013-09-18 | Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow) File : nvt/deb_2439_1.nasl |
2012-12-13 | Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update) File : nvt/gb_suse_2012_0466_1.nasl |
2012-10-23 | Name : Fedora Update for mingw-libpng FEDORA-2012-15613 File : nvt/gb_fedora_2012_15613_mingw-libpng_fc17.nasl |
2012-09-25 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004) File : nvt/gb_macosx_su12-004.nasl |
2012-09-10 | Name : Slackware Advisory SSA:2012-206-01 libpng File : nvt/esoft_slk_ssa_2012_206_01.nasl |
2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-1892 File : nvt/gb_fedora_2012_1892_libpng_fc17.nasl |
2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-5526 File : nvt/gb_fedora_2012_5526_libpng_fc17.nasl |
2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-4910 File : nvt/gb_fedora_2012_4910_thunderbird_fc17.nasl |
2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-4902 File : nvt/gb_fedora_2012_4902_libpng10_fc17.nasl |
2012-08-30 | Name : Fedora Update for libpng FEDORA-2012-3605 File : nvt/gb_fedora_2012_3605_libpng_fc17.nasl |
2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-3507 File : nvt/gb_fedora_2012_3507_libpng10_fc17.nasl |
2012-08-30 | Name : Fedora Update for libpng10 FEDORA-2012-2003 File : nvt/gb_fedora_2012_2003_libpng10_fc17.nasl |
2012-08-30 | Name : Fedora Update for xulrunner FEDORA-2012-1800 File : nvt/gb_fedora_2012_1800_xulrunner_fc17.nasl |
2012-08-30 | Name : Fedora Update for thunderbird FEDORA-2012-1794 File : nvt/gb_fedora_2012_1794_thunderbird_fc17.nasl |
2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-15 (libpng) File : nvt/glsa_201206_15.nasl |
2012-08-03 | Name : Mandriva Update for mozilla MDVSA-2012:022 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_022_firefox.nasl |
2012-08-03 | Name : Mandriva Update for libpng MDVSA-2012:033 (libpng) File : nvt/gb_mandriva_MDVSA_2012_033.nasl |
2012-08-03 | Name : Mandriva Update for libpng MDVSA-2012:046 (libpng) File : nvt/gb_mandriva_MDVSA_2012_046.nasl |
2012-08-02 | Name : SuSE Update for mozilla-xulrunner192 openSUSE-SU-2012:0297-1 (mozilla-xulrunn... File : nvt/gb_suse_2012_0297_1.nasl |
2012-08-02 | Name : SuSE Update for libpng12 openSUSE-SU-2012:0316-1 (libpng12) File : nvt/gb_suse_2012_0316_1.nasl |
2012-07-30 | Name : CentOS Update for xulrunner CESA-2012:0143 centos5 File : nvt/gb_CESA-2012_0143_xulrunner_centos5.nasl |
2012-07-30 | Name : CentOS Update for libpng10 CESA-2011:1103 centos4 x86_64 File : nvt/gb_CESA-2011_1103_libpng10_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for firefox CESA-2012:0142 centos4 File : nvt/gb_CESA-2012_0142_firefox_centos4.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2011:1104 centos5 x86_64 File : nvt/gb_CESA-2011_1104_libpng_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for thunderbird CESA-2012:0140 centos6 File : nvt/gb_CESA-2012_0140_thunderbird_centos6.nasl |
2012-07-30 | Name : CentOS Update for seamonkey CESA-2012:0141 centos4 File : nvt/gb_CESA-2012_0141_seamonkey_centos4.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2012:0523 centos6 File : nvt/gb_CESA-2012_0523_libpng_centos6.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2012:0523 centos5 File : nvt/gb_CESA-2012_0523_libpng_centos5.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2012:0407 centos6 File : nvt/gb_CESA-2012_0407_libpng_centos6.nasl |
2012-07-30 | Name : CentOS Update for xulrunner CESA-2012:0143 centos6 File : nvt/gb_CESA-2012_0143_xulrunner_centos6.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2012:0407 centos5 File : nvt/gb_CESA-2012_0407_libpng_centos5.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2012:0317 centos6 File : nvt/gb_CESA-2012_0317_libpng_centos6.nasl |
2012-07-30 | Name : CentOS Update for libpng10 CESA-2012:0317 centos4 File : nvt/gb_CESA-2012_0317_libpng10_centos4.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2012:0317 centos4 File : nvt/gb_CESA-2012_0317_libpng_centos4.nasl |
2012-07-30 | Name : CentOS Update for libpng CESA-2012:0317 centos5 File : nvt/gb_CESA-2012_0317_libpng_centos5.nasl |
2012-07-09 | Name : RedHat Update for libpng RHSA-2011:1105-01 File : nvt/gb_RHSA-2011_1105-01_libpng.nasl |
2012-07-09 | Name : RedHat Update for thunderbird RHSA-2012:0140-01 File : nvt/gb_RHSA-2012_0140-01_thunderbird.nasl |
2012-05-18 | Name : Mac OS X Multiple Vulnerabilities (2012-002) File : nvt/gb_macosx_su12-002.nasl |
2012-04-30 | Name : Debian Security Advisory DSA 2446-1 (libpng) File : nvt/deb_2446_1.nasl |
2012-04-30 | Name : FreeBSD Ports: chromium File : nvt/freebsd_chromium10.nasl |
2012-04-30 | Name : FreeBSD Ports: png File : nvt/freebsd_png5.nasl |
2012-04-26 | Name : Fedora Update for libpng FEDORA-2012-5515 File : nvt/gb_fedora_2012_5515_libpng_fc15.nasl |
2012-04-26 | Name : Fedora Update for libpng FEDORA-2012-5518 File : nvt/gb_fedora_2012_5518_libpng_fc16.nasl |
2012-04-26 | Name : RedHat Update for libpng RHSA-2012:0523-01 File : nvt/gb_RHSA-2012_0523-01_libpng.nasl |
2012-04-11 | Name : Fedora Update for libpng10 FEDORA-2012-5079 File : nvt/gb_fedora_2012_5079_libpng10_fc15.nasl |
2012-04-11 | Name : Fedora Update for libpng10 FEDORA-2012-5080 File : nvt/gb_fedora_2012_5080_libpng10_fc16.nasl |
2012-04-11 | Name : Ubuntu Update for libpng USN-1417-1 File : nvt/gb_ubuntu_USN_1417_1.nasl |
2012-04-11 | Name : Fedora Update for thunderbird FEDORA-2012-5068 File : nvt/gb_fedora_2012_5068_thunderbird_fc15.nasl |
2012-04-02 | Name : Fedora Update for thunderbird FEDORA-2012-5028 File : nvt/gb_fedora_2012_5028_thunderbird_fc16.nasl |
2012-04-02 | Name : Fedora Update for libpng FEDORA-2012-3705 File : nvt/gb_fedora_2012_3705_libpng_fc15.nasl |
2012-04-02 | Name : Fedora Update for libpng10 FEDORA-2012-3545 File : nvt/gb_fedora_2012_3545_libpng10_fc16.nasl |
2012-04-02 | Name : Fedora Update for libpng10 FEDORA-2012-3536 File : nvt/gb_fedora_2012_3536_libpng10_fc15.nasl |
2012-04-02 | Name : Fedora Update for xulrunner FEDORA-2012-1856 File : nvt/gb_fedora_2012_1856_xulrunner_fc16.nasl |
2012-04-02 | Name : Fedora Update for thunderbird FEDORA-2012-1844 File : nvt/gb_fedora_2012_1844_thunderbird_fc16.nasl |
2012-03-26 | Name : Google Chrome Multiple Vulnerabilities (Windows) - Mar 12 File : nvt/secpod_google_chrome_mult_vuln_win_mar12.nasl |
2012-03-26 | Name : Google Chrome Multiple Vulnerabilities (MAC OS X) - Mar 12 File : nvt/secpod_google_chrome_mult_vuln_macosx_mar12.nasl |
2012-03-26 | Name : Google Chrome Multiple Vulnerabilities (Linux) - Mar 12 File : nvt/secpod_google_chrome_mult_vuln_lin_mar12.nasl |
2012-03-26 | Name : Ubuntu Update for libpng USN-1402-1 File : nvt/gb_ubuntu_USN_1402_1.nasl |
2012-03-26 | Name : Fedora Update for libpng FEDORA-2012-3739 File : nvt/gb_fedora_2012_3739_libpng_fc16.nasl |
2012-03-22 | Name : RedHat Update for libpng RHSA-2012:0407-01 File : nvt/gb_RHSA-2012_0407-01_libpng.nasl |
2012-03-19 | Name : Fedora Update for libpng10 FEDORA-2012-2028 File : nvt/gb_fedora_2012_2028_libpng10_fc16.nasl |
2012-03-19 | Name : Fedora Update for libpng FEDORA-2012-1922 File : nvt/gb_fedora_2012_1922_libpng_fc16.nasl |
2012-03-16 | Name : Ubuntu Update for thunderbird USN-1369-1 File : nvt/gb_ubuntu_USN_1369_1.nasl |
2012-03-12 | Name : Debian Security Advisory DSA 2410-1 (libpng) File : nvt/deb_2410_1.nasl |
2012-03-12 | Name : FreeBSD Ports: chromium File : nvt/freebsd_chromium7.nasl |
2012-03-12 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox64.nasl |
2012-03-09 | Name : Mandriva Update for libpng MDVSA-2012:022 (libpng) File : nvt/gb_mandriva_MDVSA_2012_022.nasl |
2012-03-07 | Name : Fedora Update for libpng10 FEDORA-2012-2008 File : nvt/gb_fedora_2012_2008_libpng10_fc15.nasl |
2012-03-07 | Name : Fedora Update for libpng FEDORA-2012-1930 File : nvt/gb_fedora_2012_1930_libpng_fc15.nasl |
2012-03-07 | Name : Fedora Update for xulrunner FEDORA-2012-1845 File : nvt/gb_fedora_2012_1845_xulrunner_fc15.nasl |
2012-03-07 | Name : Mandriva Update for mozilla MDVSA-2012:022-1 (mozilla) File : nvt/gb_mandriva_MDVSA_2012_022_1.nasl |
2012-02-21 | Name : RedHat Update for libpng RHSA-2012:0317-01 File : nvt/gb_RHSA-2012_0317-01_libpng.nasl |
2012-02-21 | Name : Ubuntu Update for xulrunner-1.9.2 USN-1367-4 File : nvt/gb_ubuntu_USN_1367_4.nasl |
2012-02-21 | Name : Ubuntu Update for thunderbird USN-1367-3 File : nvt/gb_ubuntu_USN_1367_3.nasl |
2012-02-21 | Name : Ubuntu Update for firefox USN-1367-2 File : nvt/gb_ubuntu_USN_1367_2.nasl |
2012-02-21 | Name : Ubuntu Update for libpng USN-1367-1 File : nvt/gb_ubuntu_USN_1367_1.nasl |
2012-02-21 | Name : RedHat Update for firefox RHSA-2012:0142-01 File : nvt/gb_RHSA-2012_0142-01_firefox.nasl |
2012-02-21 | Name : RedHat Update for xulrunner RHSA-2012:0143-01 File : nvt/gb_RHSA-2012_0143-01_xulrunner.nasl |
2012-02-21 | Name : Google Chrome Multiple Vulnerabilities - February 12 (Linux 01) File : nvt/gb_google_chrome_mult_vuln_feb12_lin01.nasl |
2012-02-21 | Name : Google Chrome Multiple Vulnerabilities - February 12 (MAC OS X 01) File : nvt/gb_google_chrome_mult_vuln_feb12_macosx01.nasl |
2012-02-21 | Name : Google Chrome Multiple Vulnerabilities - February 12 (Windows 01) File : nvt/gb_google_chrome_mult_vuln_feb12_win01.nasl |
2011-10-21 | Name : Mandriva Update for libpng MDVSA-2011:151 (libpng) File : nvt/gb_mandriva_MDVSA_2011_151.nasl |
2011-10-20 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006) File : nvt/gb_macosx_su11-006.nasl |
2011-09-23 | Name : CentOS Update for libpng CESA-2011:1104 centos5 i386 File : nvt/gb_CESA-2011_1104_libpng_centos5_i386.nasl |
2011-08-31 | Name : Fedora Update for mingw32-libpng FEDORA-2011-10928 File : nvt/gb_fedora_2011_10928_mingw32-libpng_fc15.nasl |
2011-08-31 | Name : Fedora Update for mingw32-libpng FEDORA-2011-10954 File : nvt/gb_fedora_2011_10954_mingw32-libpng_fc14.nasl |
2011-08-18 | Name : CentOS Update for libpng10 CESA-2011:1103 centos4 i386 File : nvt/gb_CESA-2011_1103_libpng10_centos4_i386.nasl |
2011-08-07 | Name : Debian Security Advisory DSA 2287-1 (libpng) File : nvt/deb_2287_1.nasl |
2011-08-02 | Name : Ubuntu Update for libpng USN-1175-1 File : nvt/gb_ubuntu_USN_1175_1.nasl |
2011-08-02 | Name : Fedora Update for libpng FEDORA-2011-9336 File : nvt/gb_fedora_2011_9336_libpng_fc14.nasl |
2011-08-02 | Name : RedHat Update for libpng RHSA-2011:1104-01 File : nvt/gb_RHSA-2011_1104-01_libpng.nasl |
2011-08-02 | Name : RedHat Update for libpng RHSA-2011:1103-01 File : nvt/gb_RHSA-2011_1103-01_libpng.nasl |
2011-07-27 | Name : Fedora Update for libpng10 FEDORA-2011-8867 File : nvt/gb_fedora_2011_8867_libpng10_fc14.nasl |
2011-07-27 | Name : Fedora Update for libpng10 FEDORA-2011-8844 File : nvt/gb_fedora_2011_8844_libpng10_fc15.nasl |
2011-07-22 | Name : Fedora Update for libpng FEDORA-2011-9343 File : nvt/gb_fedora_2011_9343_libpng_fc15.nasl |
2011-07-18 | Name : Fedora Update for mingw32-libpng FEDORA-2011-8868 File : nvt/gb_fedora_2011_8868_mingw32-libpng_fc14.nasl |
2011-07-18 | Name : Fedora Update for mingw32-libpng FEDORA-2011-8874 File : nvt/gb_fedora_2011_8874_mingw32-libpng_fc15.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
74757 | libpng Unspecified Issue |
73984 | libpng png_rgb_to_gray Function PNG File Handling Overflow |
73983 | libpng pngerror.c png_err Function NULL Argument PNG File Handling DoS |
73982 | libpng pngrutil.c png_handle_sCAL Function PNG File Handling Memory Corruptio... |
73493 | libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 25066 - Revision : 4 - Type : FILE-IMAGE |
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 25065 - Revision : 5 - Type : FILE-IMAGE |
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22109 - Revision : 10 - Type : FILE-IMAGE |
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22108 - Revision : 10 - Type : FILE-IMAGE |
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22107 - Revision : 10 - Type : FILE-IMAGE |
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22106 - Revision : 11 - Type : FILE-IMAGE |
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22105 - Revision : 12 - Type : FILE-IMAGE |
2014-01-10 | libpng chunk decompression integer overflow attempt RuleID : 22104 - Revision : 11 - Type : FILE-IMAGE |
2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21990 - Revision : 4 - Type : FILE-IMAGE |
2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21989 - Revision : 4 - Type : FILE-IMAGE |
2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21988 - Revision : 4 - Type : FILE-IMAGE |
2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21987 - Revision : 4 - Type : FILE-IMAGE |
2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21986 - Revision : 4 - Type : FILE-IMAGE |
2014-01-10 | libpng png_inflate buffer overflow attempt RuleID : 21985 - Revision : 4 - Type : FILE-IMAGE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libpng_20130313.nasl - Type : ACT_GATHER_INFO |
2014-11-28 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL15881.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0488.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-120.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-137.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-142.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-186.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-207.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-217.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libpng12-110802.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libpng14-110802.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_MozillaFirefox-120217.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_MozillaThunderbird-120217.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libpng12-110802.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libpng12-120220.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libpng14-110802.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libpng14-120220.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_mozilla-js192-120217.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_seamonkey-120217.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities. File : vmware_esxi_5_0_build_912577_remote.nasl - Type : ACT_GATHER_INFO |
2013-11-13 | Name : The remote VMware ESXi 5.1 host is affected by multiple security vulnerabilit... File : vmware_esxi_5_1_build_911593_remote.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-49.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-56.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-68.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1103.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1104.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1105.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0140.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0141.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2012-0142.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0143.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0317.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0407.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0523.nasl - Type : ACT_GATHER_INFO |
2013-01-31 | Name : The remote host has software installed that is potentially affected by an int... File : ibm_informix_genero_2_41.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libpng-devel-120330.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-10-22 | Name : The remote Fedora host is missing a security update. File : fedora_2012-15613.nasl - Type : ACT_GATHER_INFO |
2012-10-11 | Name : The remote Fedora host is missing a security update. File : fedora_2012-15592.nasl - Type : ACT_GATHER_INFO |
2012-09-27 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_5_1.nasl - Type : ACT_GATHER_INFO |
2012-09-26 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_98690c45036111e2a391000c29033c32.nasl - Type : ACT_GATHER_INFO |
2012-09-20 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_10_7_5.nasl - Type : ACT_GATHER_INFO |
2012-09-20 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-004.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110728_libpng_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110728_libpng_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110728_libpng_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120216_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120216_xulrunner_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120220_libpng_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120320_libpng_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120425_libpng_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-07-25 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-206-01.nasl - Type : ACT_GATHER_INFO |
2012-06-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-15.nasl - Type : ACT_GATHER_INFO |
2012-06-14 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libpng-8043.nasl - Type : ACT_GATHER_INFO |
2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-002.nasl - Type : ACT_GATHER_INFO |
2012-04-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0523.nasl - Type : ACT_GATHER_INFO |
2012-04-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0523.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5515.nasl - Type : ACT_GATHER_INFO |
2012-04-25 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5518.nasl - Type : ACT_GATHER_INFO |
2012-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4902.nasl - Type : ACT_GATHER_INFO |
2012-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-4910.nasl - Type : ACT_GATHER_INFO |
2012-04-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5526.nasl - Type : ACT_GATHER_INFO |
2012-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5068.nasl - Type : ACT_GATHER_INFO |
2012-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5079.nasl - Type : ACT_GATHER_INFO |
2012-04-09 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5080.nasl - Type : ACT_GATHER_INFO |
2012-04-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_262b92fe81c811e18899001ec9578670.nasl - Type : ACT_GATHER_INFO |
2012-04-06 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1417-1.nasl - Type : ACT_GATHER_INFO |
2012-04-05 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2446.nasl - Type : ACT_GATHER_INFO |
2012-04-02 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3705.nasl - Type : ACT_GATHER_INFO |
2012-04-02 | Name : The remote Fedora host is missing a security update. File : fedora_2012-5028.nasl - Type : ACT_GATHER_INFO |
2012-04-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-046.nasl - Type : ACT_GATHER_INFO |
2012-03-26 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3739.nasl - Type : ACT_GATHER_INFO |
2012-03-23 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2439.nasl - Type : ACT_GATHER_INFO |
2012-03-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_330106da740611e1a1d700262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2012-03-23 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1402-1.nasl - Type : ACT_GATHER_INFO |
2012-03-22 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_17_0_963_83.nasl - Type : ACT_GATHER_INFO |
2012-03-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-033.nasl - Type : ACT_GATHER_INFO |
2012-03-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0407.nasl - Type : ACT_GATHER_INFO |
2012-03-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0407.nasl - Type : ACT_GATHER_INFO |
2012-03-19 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3536.nasl - Type : ACT_GATHER_INFO |
2012-03-19 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3545.nasl - Type : ACT_GATHER_INFO |
2012-03-19 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3605.nasl - Type : ACT_GATHER_INFO |
2012-03-14 | Name : The remote Fedora host is missing a security update. File : fedora_2012-3507.nasl - Type : ACT_GATHER_INFO |
2012-03-07 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1845.nasl - Type : ACT_GATHER_INFO |
2012-03-02 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1800.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1794.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1892.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1930.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2003.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2008.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2012-2028.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libpng-devel-120221.nasl - Type : ACT_GATHER_INFO |
2012-02-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libpng-7980.nasl - Type : ACT_GATHER_INFO |
2012-02-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_MozillaFirefox-120220.nasl - Type : ACT_GATHER_INFO |
2012-02-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_mozilla-xulrunner192-120220.nasl - Type : ACT_GATHER_INFO |
2012-02-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_MozillaFirefox-7981.nasl - Type : ACT_GATHER_INFO |
2012-02-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1844.nasl - Type : ACT_GATHER_INFO |
2012-02-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-022.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-0140.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0317.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1922.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_10_0_2.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_3_6_27.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Mac OS X host contains an email client that is potentially affecte... File : macosx_thunderbird_10_0_2.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Mac OS X host contains an email client that is potentially affecte... File : macosx_thunderbird_3_1_19.nasl - Type : ACT_GATHER_INFO |
2012-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0317.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1856.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_d7dbd2db599c11e1a2fb14dae9ebcf89.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1367-2.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1367-3.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1367-4.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1369-1.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0141.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2012-0142.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0143.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_1002.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_3627.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_1002.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_3119.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0140.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0141.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-0142.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0143.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Windows host contains a web browser that is affected by an integer... File : seamonkey_272.nasl - Type : ACT_GATHER_INFO |
2012-02-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1367-1.nasl - Type : ACT_GATHER_INFO |
2012-02-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2410.nasl - Type : ACT_GATHER_INFO |
2012-02-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_2f5ff968582911e1828800262d5ed8ee.nasl - Type : ACT_GATHER_INFO |
2012-02-16 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_17_0_963_56.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libpng-7670.nasl - Type : ACT_GATHER_INFO |
2011-10-18 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-151.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_7_2.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2011-006.nasl - Type : ACT_GATHER_INFO |
2011-09-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1104.nasl - Type : ACT_GATHER_INFO |
2011-08-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10928.nasl - Type : ACT_GATHER_INFO |
2011-08-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-10954.nasl - Type : ACT_GATHER_INFO |
2011-08-18 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12815.nasl - Type : ACT_GATHER_INFO |
2011-08-18 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libpng-devel-110802.nasl - Type : ACT_GATHER_INFO |
2011-08-18 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_libpng-7669.nasl - Type : ACT_GATHER_INFO |
2011-08-15 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1103.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2011-210-01.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9336.nasl - Type : ACT_GATHER_INFO |
2011-07-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2287.nasl - Type : ACT_GATHER_INFO |
2011-07-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1103.nasl - Type : ACT_GATHER_INFO |
2011-07-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1104.nasl - Type : ACT_GATHER_INFO |
2011-07-29 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1105.nasl - Type : ACT_GATHER_INFO |
2011-07-27 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1175-1.nasl - Type : ACT_GATHER_INFO |
2011-07-25 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8844.nasl - Type : ACT_GATHER_INFO |
2011-07-25 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8867.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9343.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8868.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8874.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:37:23 |
|