Published: 17/02/2019 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An issue exists in AdvanceCOMP up to and including 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an malicious user to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
advancemame advancecomp
debian debian linux 9.0
fedoraproject fedora 35
redhat enterprise linux workstation 7.0
redhat enterprise linux server 7.0
redhat enterprise linux for power little endian 7.0

Synopsis Low: advancecomp security update Type/Severity Security Advisory: Low Topic An update for advancecomp is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which giv ...

Several security issues were fixed in AdvanceCOMP ...

Debian Bug report logs - #928729 advancecomp: CVE-2019-8379 Package: src:advancecomp; Maintainer for src:advancecomp is Piotr Ożarowski <piotr@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 9 May 2019 19:45:02 UTC Severity: serious Tags: fixed-upstream, patch, security, upstream Foun ...

Debian Bug report logs - #928730 advancecomp: CVE-2019-8383 Package: src:advancecomp; Maintainer for src:advancecomp is Piotr Ożarowski <piotr@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 9 May 2019 19:45:05 UTC Severity: serious Tags: fixed-upstream, patch, security, upstream Foun ...

An issue was discovered in AdvanceCOMP through 21 A NULL pointer dereference exists in the function be_uint32_read() located in endianrwh It can be triggered by sending a crafted file to a binary It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially cra ...

CWE-476 https://sourceforge.net/p/advancemame/bugs/271/https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-the-function-be_uint32_read-advancecomp/https://access.redhat.com/errata/RHSA-2019:2332 https://lists.debian.org/debian-lts-announce/2021/12/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J23C6QSTJMQ467KAI6QG54AE4MZRLPQV/https://access.redhat.com/errata/RHSA-2019:2332 https://ubuntu.com/security/notices/USN-5671-1 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2019-1319.html

CVE-2019-8379

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect