Описание
Advancecomp v2.3 was discovered to contain a heap buffer overflow.
A heap buffer overflow vulnerability was found in advancecomp in the data_dup() function of the data.cc file. This flaw allows an attacker to trick a user into opening a specially crafted file that could cause an application to crash, leading to a denial of service attack.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | advancecomp | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-122->CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2127380advancecomp: heap buffer overflow in data_dup() in data.cc
EPSS
Процентиль: 41%
0.00191
Низкий
5.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 3 лет назад
Advancecomp v2.3 was discovered to contain a heap buffer overflow.
CVSS3: 5.5
nvd
больше 3 лет назад
Advancecomp v2.3 was discovered to contain a heap buffer overflow.
CVSS3: 5.5
debian
больше 3 лет назад
Advancecomp v2.3 was discovered to contain a heap buffer overflow.
CVSS3: 5.5
github
больше 3 лет назад
Advancecomp v2.3 was discovered to contain a heap buffer overflow.
EPSS
Процентиль: 41%
0.00191
Низкий
5.5 Medium
CVSS3