advancecomp security update

1.15-22 - Resolves: 1686115, integer overflow in pngcompress 1.15-21 - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference 1.15-20 - Mass rebuild 2014-01-24 1.15-19 - Mass rebuild 2013-12-27 1.15-18 - Rebuilt for...

Denial Of Service (DoS)

AdvanceCOMP is vulnerable to denial of service DoS. It is due to an integer overflow in pngcompress in pngex.cc...

RHEL 7 : advancecomp (RHSA-2020:1037)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1037 advisory. AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. Security Fixes: advancecomp: integer overflow in pngcompress in pngex....

advancecomp: integer overflow in png_compress in pngex.cc

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

Moderate: Red Hat Security Advisory: advancecomp security update

An update for advancecomp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

MGASA-2020-0008 Updated advancecomp packages fix security vulnerability

Updated advancecomp package fixes security vulnerability: An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Servic...

Updated advancecomp packages fix security vulnerability

Updated advancecomp package fixes security vulnerability: An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Servic...

Amazon Linux 2 : advancecomp (ALAS-2019-1319)

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...

Low: advancecomp

Issue Overview: An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly ha...

CVE-2019-8383

An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other...

CVE-2019-8379

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...

advancecomp security update

CentOS Errata and Security Advisory CESA-2019:2332 An update for advancecomp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : advancecomp (CESA-2019:2332)

An update for advancecomp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Scientific Linux Security Update : advancecomp on SL7.x x86_64 (20190806)

Security Fixes : - advancecomp: NULL pointer dereference in function beuint32read in endianrw.h CVE-2019-8379 - advancecomp: denial of service in function advpngunfilter8 in lib/png.c CVE-2019-8383 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; i...

advancecomp security update

1.15-21 - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference...

RHEL 7 : advancecomp (RHSA-2019:2332)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2332 advisory. AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. Security Fixes: advancecomp: null pointer dereference in...

Denial Of Service (DoS)

advancecomp is vulnerable to denial of service DoS. The vulnerability exists through a null pointer dereference in function beuint32read in endianrw.h...

Denial Of Service (DoS)

advancecomp is vulnerable to denial of service DoS. The vulnerability exists in function advpngunfilter8 in lib/png.c...

advancecomp: null pointer dereference in function be_uint32_read() in endianrw.h

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...

advancecomp: denial of service in function adv_png_unfilter_8 in lib/png.c

An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other...