Advancemame Advancecomp vulnerabilities

CVE-2023-2961 [LOW] CWE-20 CVE-2023-2961: A segmentation fault flaw was found in the Advancecomp package. This may lead to decreased availabil A segmentation fault flaw was found in the Advancecomp package. This may lead to decreased availability.

CVE-2022-35014 [MEDIUM] advancecomp vulnerabilities advancecomp vulnerabilities It was discovered that AdvanceCOMP did not properly manage memory while performing read operations on MNG file. If a user were tricked into opening a specially crafted MNG file, a remote attacker could possibly use this issue to cause AdvanceCOMP to crash, resulting in a denial of service. (CVE-2022-35014, CVE-2022-35017, CVE-2022-35018, CVE-2022-35019, CVE-2022-35020) It was discovered that AdvanceCOMP did not pro

CVE-2022-35020 [MEDIUM] CWE-787 CVE-2022-35020: Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_me Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.

CVE-2022-35017 [MEDIUM] CWE-787 CVE-2022-35017: Advancecomp v2.3 was discovered to contain a heap buffer overflow. Advancecomp v2.3 was discovered to contain a heap buffer overflow.

CVE-2022-35015 [MEDIUM] CWE-787 CVE-2022-35015: Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianr Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.

CVE-2022-35016 [MEDIUM] CWE-787 CVE-2022-35016: Advancecomp v2.3 was discovered to contain a heap buffer overflow. Advancecomp v2.3 was discovered to contain a heap buffer overflow.

CVE-2022-35018 [MEDIUM] CVE-2022-35018: Advancecomp v2.3 was discovered to contain a segmentation fault. Advancecomp v2.3 was discovered to contain a segmentation fault.

CVE-2022-35019 [MEDIUM] CVE-2022-35019: Advancecomp v2.3 was discovered to contain a segmentation fault. Advancecomp v2.3 was discovered to contain a segmentation fault.

CVE-2019-9210 [HIGH] CWE-125 CVE-2019-9210: In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)

CVE-2019-8383 [HIGH] CWE-119 CVE-2019-8383: An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.

CVE-2019-8379 [HIGH] CWE-476 CVE-2019-8379: An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the functio An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted

CVE-2018-1056 [HIGH] CWE-122 CVE-2018-1056: An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled p An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files.