DLA-1702-1 advancecomp - security update

Bulletin has no description...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

AZL-7167 CVE-2019-9210 affecting package advancecomp for versions less than 2.1-14

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

AZL-6303 CVE-2019-9210 affecting package advancecomp for versions less than 2.1-14

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

DEBIAN-CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

Integer overflow

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

CVE-2019-9210

CVE-2019-9210 affects the AdvanceCOMP recompression utilities. The flaw is in pngex.cc, inside advpng’s png_compress, where an invalid PNG size can trigger an integer overflow and lead to an attempted memcpy into a too-small buffer, with a heap-based buffer over-read also reported. A patched vers...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

PT-2019-5304 · Advancecomp +4 · Advancecomp +4

Name of the Vulnerable Software and Affected Versions: AdvanceCOMP version 2.1 Description: The issue is caused by an integer overflow in the png compress function in pngex.cc of the AdvanceCOMP utility. This overflow occurs when encountering an invalid PNG size, leading to an attempted memcpy in...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

UBUNTU-CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

AdvanceCOMP Null Pointer Dereference Vulnerability

AdvanceCOMP is a set of cross-platform command-line data compression tools. A null pointer dereference vulnerability exists in the beuint32read function in endianrw.h in AdvanceCOMP 2.1. An attacker could use this vulnerability to cause a denial of service segmentation error or possibly other...

AdvanceCOMP Invalid Memory Access Vulnerability

AdvanceCOMP is a set of cross-platform command-line data compression tools. An invalid memory access vulnerability exists in the advpngunfilter8 function in png.c in AdvanceCOMP 2.1. An attacker can exploit this vulnerability to cause a denial of service segmentation error or possibly other impac...

Null pointer dereference

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...

CVE-2019-8383

An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other...

Code injection

An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other...