323 matches found
advancecomp -- multiple vulnerabilities
Joonun Jang reports: heap buffer overflow running advzip with "-l poc" option Running 'advzip -l poc' with the attached file raises heap buffer overflow which may allow a remote attacker to cause unspecified impact including denial-of-service attack. I expected the program to terminate without...
DEBIAN-CVE-2018-1056
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...
CVE-2018-1056
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...
CVE-2018-1056
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...
CVE-2018-1056
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...
PT-2019-18998 · Advancecomp +4 · Advancecomp +4
Name of the Vulnerable Software and Affected Versions: AdvanceCOMP versions prior to 2.1 Description: An issue exists in the function be uint32 read located in endianrw.h, which can cause a NULL pointer dereference. This can be triggered by sending a crafted file to a binary, allowing an attacker...
[SECURITY] Fedora 28 Update: advancecomp-2.1-4.fc28
AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...
Fedora Update for advancecomp FEDORA-2018-af30668257
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : advancecomp (2018-af30668257)
Security fix for CVE-2018-1056 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
[SECURITY] Fedora 27 Update: advancecomp-2.1-4.fc27
AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP fil es. The main features are : Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...
MGASA-2018-0141 Updated advancecomp packages fix security vulnerability
Joonun Jang discovered a vulnerability in AdvanceCOMP that could be used to crash or run programs if it opened a specially crafted ZIP file...
Updated advancecomp packages fix security vulnerability
Joonun Jang discovered a vulnerability in AdvanceCOMP that could be used to crash or run programs if it opened a specially crafted ZIP file...
Debian: Security Advisory (DLA-1281-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : AdvanceCOMP vulnerability (USN-3570-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3570-1 advisory. Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into processing a...
Ubuntu: Security Advisory (USN-3570-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3570-1: AdvanceCOMP vulnerability
Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into processing a specially crafted zip file, a remote attacker could cause AdvanceCOMP to crash, resulting in a denial of service, or possibly execute arbitrary cod...
USN-3570-1 advancecomp vulnerability
Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into processing a specially crafted zip file, a remote attacker could cause AdvanceCOMP to crash, resulting in a denial of service, or possibly execute arbitrary cod...
[SECURITY] [DLA 1281-1] advancecomp security update
Package : advancecomp Version : 1.15-1+deb7u1 CVE ID : CVE-2018-1056 Debian Bug : 889270 Joonun Jang discovered that the advzip tool in advancecomp, a collection of recompression utilities, was prone to a heap-based buffer overflow. This might allow an attacker to cause a denial-of-service...
DLA-1281-1 advancecomp - security update
Bulletin has no description...
CVE-2018-1056
An out-of-bounds heap buffer read flaw was found in the way advancecomp handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...