{"id":"CVE-2019-9210","details":"In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)","modified":"2026-04-16T04:44:19.144829450Z","published":"2019-02-27T14:29:00.607Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R56LVWC7KUNXFRKQB3Y5NX2YHFJKYZB4/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3936-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3936-2/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00034.html"},{"type":"EVIDENCE","url":"https://sourceforge.net/p/advancemame/bugs/277/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/amadvance/advancecomp","events":[{"introduced":"0"},{"last_affected":"7deeafc02b29cc51d51079e66f4f43f986ff9cc5"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.1"}]}}],"versions":["advancecomp-1_10","advancecomp-1_11","advancecomp-1_12","advancecomp-1_14","advancecomp-1_15","advancecomp-1_5","advancecomp-1_6","advancecomp-1_7","advancecomp-1_8","advancecomp-1_9","start","v1.16","v1.20","v1.21","v1.22","v1.23","v2.0","v2.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9210.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"19.04"}]},{"events":[{"introduced":"0"},{"last_affected":"30"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}