CVE-2019-8379
advancecomp: null pointer dereference in function be_uint32_read() in endianrw.h
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.
Fue encontrado un problema en AdvanceCOMP hasta la versión 2.1. Se presenta una diferencia de puntero NULL en la función be_uint32_read() ubicada en endianrw.h. Puede ser desencadenada enviando un archivo creado hacia un binario. Permite a un atacante generar una Denegación de Servicio (DoS) (falla de Segmentación) o posiblemente tener otro impacto no especificado cuando una víctima abre un archivo especialmente creado.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-02-16 CVE Reserved
- 2019-02-17 CVE Published
- 2024-02-11 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
https://lists.debian.org/debian-lts-announce/2021/12/msg00034.html | Mailing List |
URL | Date | SRC |
---|---|---|
https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-the-function-be_uint32_read-advancecomp | 2024-08-04 | |
https://sourceforge.net/p/advancemame/bugs/271 | 2024-08-04 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Advancemame Search vendor "Advancemame" | Advancecomp Search vendor "Advancemame" for product "Advancecomp" | < 2.1 Search vendor "Advancemame" for product "Advancecomp" and version " < 2.1" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" | 7.0 Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian" and version "7.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Server Search vendor "Redhat" for product "Enterprise Linux Server" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Server" and version "7.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Linux Workstation Search vendor "Redhat" for product "Enterprise Linux Workstation" | 7.0 Search vendor "Redhat" for product "Enterprise Linux Workstation" and version "7.0" | - |
Affected
|