paul Posted August 9, 2006 Report Share Posted August 9, 2006 Tavis Ormandy, of the Google Security Team, discovered that ncompress, when uncompressing data, performed no bounds checking, which could allow a specially crafted datastream to underflow a .bss buffer with attacker controlled data. Updated packages have been patched to correct this issue. Link to comment Share on other sites More sharing options...
Recommended Posts