CVE-2011-2690

Name: CVE-2011-2690
Creator: NVD / NIST
Published: 2011-07-17T20:55:01.53+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 3.16%

Last modified Jun 16, 2026

CVE-2011-2690 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.. EPSS estimates a 3.16% chance of exploitation in the next 30 days.

Description

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Probability

3.16%

86.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-120

Affected Software

Vendor	Product	Versions
Libpng	Libpng	>= 1.0.0, < 1.0.55
Libpng	Libpng	>= 1.2.0, < 1.2.45
Libpng	Libpng	>= 1.4.0, < 1.4.8
Libpng	Libpng	>= 1.5.0, < 1.5.4
Fedoraproject	Fedora	14
Debian	Debian Linux	5.0
Debian	Debian Linux	6.0
Canonical	Ubuntu Linux	8.04
Canonical	Ubuntu Linux	10.04
Canonical	Ubuntu Linux	10.10
Canonical	Ubuntu Linux	11.04

References

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlMailing List, Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.htmlMailing List, Third Party Advisory
http://secunia.com/advisories/45046Broken Link
http://secunia.com/advisories/45405Broken Link
http://secunia.com/advisories/45415Broken Link
http://secunia.com/advisories/45460Broken Link
http://secunia.com/advisories/45461Broken Link
http://secunia.com/advisories/45492Broken Link
http://secunia.com/advisories/49660Broken Link
http://security.gentoo.org/glsa/glsa-201206-15.xmlThird Party Advisory
http://support.apple.com/kb/HT5002Third Party Advisory
http://www.debian.org/security/2011/dsa-2287Third Party Advisory
http://www.libpng.org/pub/png/libpng.htmlProduct, Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151Broken Link
http://www.openwall.com/lists/oss-security/2011/07/13/2Mailing List, Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-1104.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2011-1105.htmlBroken Link
http://www.securityfocus.com/bid/48660Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-1175-1Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=720607Issue Tracking, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/68538Third Party Advisory, VDB Entry
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlMailing List, Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.htmlMailing List, Third Party Advisory
http://secunia.com/advisories/45046Broken Link
http://secunia.com/advisories/45405Broken Link
http://secunia.com/advisories/45415Broken Link
http://secunia.com/advisories/45460Broken Link
http://secunia.com/advisories/45461Broken Link
http://secunia.com/advisories/45492Broken Link
http://secunia.com/advisories/49660Broken Link
http://security.gentoo.org/glsa/glsa-201206-15.xmlThird Party Advisory
http://support.apple.com/kb/HT5002Third Party Advisory
http://www.debian.org/security/2011/dsa-2287Third Party Advisory
http://www.libpng.org/pub/png/libpng.htmlProduct, Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:151Broken Link
http://www.openwall.com/lists/oss-security/2011/07/13/2Mailing List, Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2011-1104.htmlBroken Link
http://www.redhat.com/support/errata/RHSA-2011-1105.htmlBroken Link
http://www.securityfocus.com/bid/48660Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-1175-1Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=720607Issue Tracking, Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/68538Third Party Advisory, VDB Entry

Timeline

Published: Jul 17, 2011
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2011-2690?

How severe is CVE-2011-2690?

CVE-2011-2690 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 3.16% probability of exploitation in the next 30 days.

How do I fix CVE-2011-2690?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-2690?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST