ncompress 相關的公開 CVE 漏洞與安全風險資訊,提供 CVSS、EPSS、公開時間與漏洞情報資料,協助評估潛在風險與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2006-1168 | The decompress function in compress42.c in (1) ncompress 4.2.4 and (2) liblzw allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. | bc94ec7e-8909-4cbb-83df-d2fc9330fa88 | 7.5 | 5.76% | 2006-08-14 | 2026-06-16 |
| CVE-2005-2991 | ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970. | [email protected] | 2.1 | 0.37% | 2005-09-20 | 2026-06-16 |
| CVE-2001-1413 | Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument. | [email protected] | 7.5 | 4.78% | 2004-12-23 | 2026-06-16 |