CVE-2022-35015

Опубликовано: 29 авг. 2022

Источник: redhat

CVSS3: 5.5

Описание

Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.

A heap buffer overflow vulnerability was found in advancecomp in the le_uint32_read() function of the endianrw.h file. This flaw allows an attacker to trick a user into opening a specially crafted file that could cause an application to crash, leading to a denial of service attack.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	advancecomp	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122->CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=2127378advancecomp: heap-buffer-overflow in le_uint32_read() in lib/endianrw.h

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-35015

CVSS3: 5.5

ubuntu

больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.

CVE-2022-35015

CVSS3: 5.5

nvd

больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.

CVE-2022-35015

CVSS3: 5.5

debian

больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via ...

GHSA-vrhv-32q9-93jj

CVSS3: 5.5

github

больше 3 лет назад

Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.

5.5 Medium

CVSS3