MiracleLinux 7 : advancecomp-1.15-21.el7 (AXSA:2019-4098:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4098:01 advisory. advancecomp: null pointer dereference in function beuint32read in endianrw.h CVE-2019-8379 advancecomp: denial of service in function advpngunfilter...

USN-5671-1: AdvanceCOMP vulnerabilities

It was discovered that AdvanceCOMP did not properly manage memory of function beuint32read under certain circumstances. If a user were tricked into opening a specially crafted binary file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of...

Debian: Security Advisory (DLA-2868-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2868-1] advancecomp security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2868-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 29, 2021 https://wiki.debian.org/LTS -...

NewStart CGSL CORE 5.05 / MAIN 5.05 : advancecomp Multiple Vulnerabilities (NS-SA-2020-0101)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has advancecomp packages installed that are affected by multiple vulnerabilities: - An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be...

advancecomp security update

1.15-22 - Resolves: 1686115, integer overflow in pngcompress 1.15-21 - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference 1.15-20 - Mass rebuild 2014-01-24 1.15-19 - Mass rebuild 2013-12-27 1.15-18 - Rebuilt for...

Amazon Linux 2 : mercurial (ALAS-2019-1328)

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...

Amazon Linux 2 : advancecomp (ALAS-2019-1319)

An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified...

Medium: mercurial

Issue Overview: An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function beuint32read located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly ha...

Scientific Linux Security Update : advancecomp on SL7.x x86_64 (20190806)

Security Fixes : - advancecomp: NULL pointer dereference in function beuint32read in endianrw.h CVE-2019-8379 - advancecomp: denial of service in function advpngunfilter8 in lib/png.c CVE-2019-8383 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; i...

advancecomp security update

1.15-21 - Resolves: 1711051, CVE-2019-8383 denial of service - Resolves: 1710910, CVE-2019-8379 null pointer dereference...

RHEL 7 : advancecomp (RHSA-2019:2332)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2332 advisory. AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. Security Fixes: advancecomp: null pointer dereference in...

CVE-2019-8383

AdvanceCOMP vulnerability CVE-2019-8383: an invalid memory address in adv_png_unfilter_8 (lib/png.c) can be triggered by a crafted file, allowing a Denial of Service (segmentation fault) or unspecified impact when opened. Public advisories (Debian, Mageia, Red Hat/CentOS, Fedora) document this is...