An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer
dereference exists in the function be_uint32_read() located in endianrw.h.
It can be triggered by sending a crafted file to a binary. It allows an
attacker to cause a Denial of Service (Segmentation fault) or possibly have
unspecified other impact when a victim opens a specially crafted file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | advancecomp | < 2.1-1ubuntu0.18.04.2 | UNKNOWN |
ubuntu | 16.04 | noarch | advancecomp | < 1.20-1ubuntu0.2+esm1) Available with Ubuntu Pro or Ubuntu Pro (Infra-only | UNKNOWN |