MiracleLinux 7 : advancecomp-1.15-22.el7 (AXSA:2020-4556:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4556:01 advisory. advancecomp: integer overflow in pngcompress in pngex.cc CVE-2019-9210 Tenable has extracted the preceding description block directly from the MiracleLinux...

CVE-2019-9210 affecting package advancecomp for versions less than 2.1-14

CVE-2019-9210 affecting package advancecomp for versions less than 2.1-14. A patched version of the package is available...

CVE-2019-9210 affecting package advancecomp for versions less than 2.1-14

CVE-2019-9210 affecting package advancecomp for versions less than 2.1-14. A patched version of the package is available...

Mageia: Security Advisory (MGASA-2019-0128)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-2868-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2868-1] advancecomp security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2868-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 29, 2021 https://wiki.debian.org/LTS -...

NewStart CGSL CORE 5.05 / MAIN 5.05 : advancecomp Multiple Vulnerabilities (NS-SA-2020-0101)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has advancecomp packages installed that are affected by multiple vulnerabilities: - An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be...

Amazon Linux 2 : advancecomp (ALAS-2020-1450)

The version of advancecomp installed on the remote host is prior to 1.15-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1450 advisory. In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which...

Medium: advancecomp

Issue Overview: In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read. CVE-2019-9210 Affected Packages:...

Scientific Linux Security Update : advancecomp on SL7.x x86_64 (20200407)

advancecomp: integer overflow in pngcompress in pngex.cc C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid135798; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/03/15";...

CentOS 7 : advancecomp (RHSA-2020:1037)

The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1037 advisory. - In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to...

advancecomp security update

CentOS Errata and Security Advisory CESA-2020:1037 An update for advancecomp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Moderate: Red Hat Security Advisory: advancecomp security update

An update for advancecomp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Fedora 30 : advancecomp (2019-ee98058a22)

Security fix CVE-2019-9210 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

Ubuntu 19.04 : AdvanceCOMP vulnerability (USN-3936-2)

USN-3936-1 fixed a vulnerability in AdvanceCOMP. This update provides the corresponding update for Ubuntu 19.04. It was discovered that AdvanceCOMP incorrectly handled certain PNG files. An attacker could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has...

Updated advancecomp packages fix security vulnerability

advancecomp has been updated to fix a security issue that could be triggered when pressented with a malformed PNG file. advancecomp contained an integer overflow upon encountering an invalid PNG size, which could result in a buffer overflow CVE-2019-9210, as well as a heap-based buffer over-read...

Ubuntu: Security Advisory (USN-3936-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 29 : advancecomp (2019-74a285d0ad)

Security fix CVE-2019-9210 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

CVE-2019-9210

In AdvanceCOMP 2.1, pngcompress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. There is also a heap-based buffer over-read...

CVE-2019-9210

CVE-2019-9210 affects the AdvanceCOMP recompression utilities. The flaw is in pngex.cc, inside advpng’s png_compress, where an invalid PNG size can trigger an integer overflow and lead to an attempted memcpy into a too-small buffer, with a heap-based buffer over-read also reported. A patched vers...