PT-2018-9960 · Advancecomp+2 · Advancecomp+2

Joonun Jang

·

Publicado

2018-02-08

·

Atualizado

2022-01-21

·

CVE-2018-1056

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: advancecomp versions prior to 2.1-2018/02
Description: An out-of-bounds heap buffer read flaw was found in the way advancecomp handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files.
Recommendations: For versions prior to 2.1-2018/02, update to version 2.1-2018/02 or later to resolve the issue.

Exploit

Correção

Out of bounds Read

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125CWE-122

Identificadores relacionados

ALT-PU-2018-1669
CVE-2018-1056
DLA-1281-1
DLA-1702-1
DLA-2868-1
MGASA-2018-0141
USN-3570-1

Produtos afetados

Alt Linux
Ubuntu
Advancecomp