CVE-2018-1056

Published: Jul 27, 2018

Modified: Aug 5, 2024

PUBLISHED

CVSS v3.0

3.3

LOW

Description

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files.

Vendor	Product	Versions
amadvance	advancecomp:	affected `2.1-2018/02`

Weaknesses (CWE)

CWE-122

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

References

[debian-lts-announce] 20190302 [SECURITY] [DLA 1702-1] advancecomp security update

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1056

x_refsource_CONFIRM

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889270

x_refsource_CONFIRM

USN-3570-1

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20180213 [SECURITY] [DLA 1281-1] advancecomp security update

mailing-list

x_refsource_MLIST

https://sourceforge.net/p/advancemame/bugs/259/

x_refsource_CONFIRM

[debian-lts-announce] 20211229 [SECURITY] [DLA 2868-1] advancecomp security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-1056

Description

Affected Products

Weaknesses (CWE)

CVSS v3.0 Details

References