Lucene search
K

323 matches found

FreeBSD
FreeBSD
added 2018/07/29 12:0 a.m.32 views

advancecomp -- multiple vulnerabilities

Joonun Jang reports: heap buffer overflow running advzip with "-l poc" option Running 'advzip -l poc' with the attached file raises heap buffer overflow which may allow a remote attacker to cause unspecified impact including denial-of-service attack. I expected the program to terminate without...

7.8CVSS8AI score0.01424EPSS
Exploits2
OSV
OSV
added 2018/07/27 6:29 p.m.0 views

DEBIAN-CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...

7.8CVSS5.3AI score0.01422EPSS
Exploits1References1
NVD
NVD
added 2018/07/27 6:29 p.m.18 views

CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...

7.8CVSS5.4AI score0.01422EPSS
Exploits1References7
OSV
OSV
added 2018/07/27 6:29 p.m.21 views

CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...

7.8CVSS6.6AI score0.01422EPSS
Exploits1References7
Cvelist
Cvelist
added 2018/07/27 6:0 p.m.30 views

CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...

3.3CVSS7.4AI score0.01422EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2018/05/07 12:0 a.m.2 views

PT-2019-18998 · Advancecomp +4 · Advancecomp +4

Name of the Vulnerable Software and Affected Versions: AdvanceCOMP versions prior to 2.1 Description: An issue exists in the function be uint32 read located in endianrw.h, which can cause a NULL pointer dereference. This can be triggered by sending a crafted file to a binary, allowing an attacker...

7.8CVSS4.6AI score0.01424EPSS
Exploits4References37
Fedora
Fedora
added 2018/03/30 1:28 p.m.27 views

[SECURITY] Fedora 28 Update: advancecomp-2.1-4.fc28

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...

7.8CVSS1.9AI score0.01422EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/03/17 12:0 a.m.23 views

Fedora Update for advancecomp FEDORA-2018-af30668257

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.01422EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/03/16 12:0 a.m.26 views

Fedora 27 : advancecomp (2018-af30668257)

Security fix for CVE-2018-1056 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

7.8CVSS5.4AI score0.01422EPSS
Exploits1References2
Fedora
Fedora
added 2018/03/15 3:29 p.m.27 views

[SECURITY] Fedora 27 Update: advancecomp-2.1-4.fc27

AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...

7.8CVSS1.9AI score0.01422EPSS
Exploits1
OSV
OSV
added 2018/02/24 11:25 p.m.7 views

MGASA-2018-0141 Updated advancecomp packages fix security vulnerability

Joonun Jang discovered a vulnerability in AdvanceCOMP that could be used to crash or run programs if it opened a specially crafted ZIP file...

7.8CVSS7.5AI score0.01422EPSS
Exploits1References2
Mageia
Mageia
added 2018/02/24 11:25 p.m.30 views

Updated advancecomp packages fix security vulnerability

Joonun Jang discovered a vulnerability in AdvanceCOMP that could be used to crash or run programs if it opened a specially crafted ZIP file...

7.8CVSS2.1AI score0.01422EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2018/02/20 12:0 a.m.23 views

Debian: Security Advisory (DLA-1281-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.01422EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/02/15 12:0 a.m.26 views

Ubuntu 14.04 LTS / 16.04 LTS : AdvanceCOMP vulnerability (USN-3570-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3570-1 advisory. Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into processing a...

7.8CVSS6AI score0.01422EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/02/15 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-3570-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.01422EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2018/02/14 2:43 p.m.65 views

USN-3570-1: AdvanceCOMP vulnerability

Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into processing a specially crafted zip file, a remote attacker could cause AdvanceCOMP to crash, resulting in a denial of service, or possibly execute arbitrary cod...

7.8CVSS5.7AI score0.01422EPSS
Exploits1
OSV
OSV
added 2018/02/14 2:43 p.m.1 views

USN-3570-1 advancecomp vulnerability

Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into processing a specially crafted zip file, a remote attacker could cause AdvanceCOMP to crash, resulting in a denial of service, or possibly execute arbitrary cod...

7.8CVSS6.2AI score0.01422EPSS
Exploits1References2
Debian
Debian
added 2018/02/13 4:32 p.m.31 views

[SECURITY] [DLA 1281-1] advancecomp security update

Package : advancecomp Version : 1.15-1+deb7u1 CVE ID : CVE-2018-1056 Debian Bug : 889270 Joonun Jang discovered that the advzip tool in advancecomp, a collection of recompression utilities, was prone to a heap-based buffer overflow. This might allow an attacker to cause a denial-of-service...

7.8CVSS6.2AI score0.01422EPSS
Exploits1
OSV
OSV
added 2018/02/13 12:0 a.m.23 views

DLA-1281-1 advancecomp - security update

Bulletin has no description...

7.8CVSS7.4AI score0.01422EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2018/02/08 5:49 a.m.22 views

CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...

7.8CVSS1.6AI score0.01422EPSS
Exploits1References2
Rows per page
Query Builder