CVE-2005-2991

Low

2.1/10

Summary

ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Sep 20, 2005

CVE-2005-2991

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS