CVE-2022-35014Improper Restriction of Operations within the Bounds of a Memory Buffer in Advancecomp

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
5.5MEDIUMOSV
No vector
EPSS
0.2%
top 62.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Advancemame Advancecomp
Timeline
PublishedFeb 1

Description

advancecomp vulnerabilities It was discovered that AdvanceCOMP did not properly manage memory while performing read operations on MNG file. If a user were tricked into opening a specially crafted MNG file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of service. (CVE-2022-35014, CVE-2022-35017, CVE-2022-35018, CVE-2022-35019, CVE-2022-35020) It was discovered that AdvanceCOMP did not properly manage memory while performing read operations

Affected Packages1 packages

Ubuntuadvancemame/advancecomp< 2.1-1ubuntu0.18.04.3+3

🔴Vulnerability Details

1
OSV
advancecomp vulnerabilities2023-02-01

📋Vendor Advisories

3
Ubuntu
AdvanceCOMP vulnerabilities2023-02-01
Red Hat
advancecomp: SEGV via invalid read address2022-08-29
Debian
CVE-2022-35014: advancecomp - Advancecomp v2.3 contains a segmentation fault.2022
CVE-2022-35014 — Advancemame Advancecomp vulnerability | cvebase