CVE-2022-35019

Advancecomp v2.3 was discovered to contain a segmentation fault...

CVE-2022-35014

Advancecomp v2.3 contains a segmentation fault...

CVE-2022-35015

Advancecomp v2.3 was discovered to contain a heap buffer overflow via leuint32read at /lib/endianrw.h...

CVE-2022-35017

Advancecomp v2.3 was discovered to contain a heap buffer overflow...

Mageia: Security Advisory (MGASA-2019-0128)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0008)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0141)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2868-1 : advancecomp - LTS security update

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2868 advisory. - An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use thi...

Debian: Security Advisory (DLA-2868-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2868-1] advancecomp security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2868-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 29, 2021 https://wiki.debian.org/LTS -...

DLA-2868-1 advancecomp - security update

Bulletin has no description...

In AdvanceCOMP 2.1 png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)

...

NewStart CGSL CORE 5.04 / MAIN 5.04 : advancecomp Multiple Vulnerabilities (NS-SA-2020-0069)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has advancecomp packages installed that are affected by multiple vulnerabilities: - An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be...

NewStart CGSL CORE 5.05 / MAIN 5.05 : advancecomp Multiple Vulnerabilities (NS-SA-2020-0101)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has advancecomp packages installed that are affected by multiple vulnerabilities: - An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be...

Amazon Linux 2 : advancecomp (ALAS-2020-1450)

The version of advancecomp installed on the remote host is prior to 1.15-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1450 advisory. In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which...

Medium: advancecomp

Issue Overview: In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read. CVE-2019-9210 Affected Packages:...

The vulnerability of the png_compress function in the AdvanceCOMP archive packaging tool allows a hacker to execute arbitrary code.

The vulnerability of the pngcompress function in the AdvanceCOMP archive packaging tool is caused by a numerical overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

Scientific Linux Security Update : advancecomp on SL7.x x86_64 (20200407)

advancecomp: integer overflow in pngcompress in pngex.cc C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid135798; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/03/15";...

CentOS 7 : advancecomp (RHSA-2020:1037)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1037 advisory. - In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to...

advancecomp security update

CentOS Errata and Security Advisory CESA-2020:1037 An update for advancecomp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...