The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote malicious users to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ncompress ncompress 4.2.4 |