FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

png -- memory corruption/possible remote code execution

Affected packages
linux-f10-png < 1.4.11
png < 1.4.11


VuXML ID 262b92fe-81c8-11e1-8899-001ec9578670
Discovery 2012-03-29
Entry 2012-04-08

The PNG project reports:

libpng fails to correctly handle malloc() failures for text chunks (in png_set_text_2()), which can lead to memory corruption and the possibility of remote code execution.


CVE Name CVE-2011-3048