[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96078

 
 

909

 
 

78009

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2005-2856

Date: (C)2005-09-08   (M)2017-07-11
 
CVSS Score: 7.5Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.

Reference:
SECTRACK-1014863
SECTRACK-1015852
SECTRACK-1016011
SECTRACK-1016012
SECTRACK-1016065
SECTRACK-1016066
SECTRACK-1016088
SECTRACK-1016114
SECTRACK-1016115
SECTRACK-1016177
SECTRACK-1016257
SECTRACK-1016512
BID-14759
SECUNIA-16479
SECUNIA-19454
SECUNIA-19458
SECUNIA-19581
SECUNIA-19596
SECUNIA-19612
SECUNIA-19834
BID-19884
SECUNIA-19890
SECUNIA-19931
SECUNIA-19938
SECUNIA-19939
SECUNIA-19967
SECUNIA-19975
SECUNIA-19977
SECUNIA-20009
http://marc.info/?l=bugtraq&m=112621008228458&w=2
http://www.securityfocus.com/archive/1/archive/1/432357/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/432579/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/433258/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/433352/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/433693/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/434011/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/434279/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/434234/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/436639/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/440303/100/0/threaded
SECUNIA-20270
OSVDB-25129
SREASON-49
ADV-2006-1565
ADV-2006-1577
ADV-2006-1611
ADV-2006-1681
ADV-2006-1694
ADV-2006-1725
ADV-2006-1775
ADV-2006-1797
ADV-2006-1835
ADV-2006-1836
ADV-2006-2047
ADV-2006-2184
ADV-2006-2824
ADV-2006-3495
antitrojan-unacev2-bo(26302)
automate-unacev2-bo(26982)
bitzipper-unacev2-bo(27763)
eazel-ztvunacev2-bo(26479)
extractnow-unacev2-ace-bo(26168)
filzip-unacev2-bo(26447)
http://secunia.com/secunia_research/2005-41/advisory/
http://secunia.com/secunia_research/2006-24/advisory
http://secunia.com/secunia_research/2006-25/advisory
http://secunia.com/secunia_research/2006-27/
http://secunia.com/secunia_research/2006-28/advisory
http://secunia.com/secunia_research/2006-29/advisory/
http://secunia.com/secunia_research/2006-30/advisory
http://secunia.com/secunia_research/2006-32/advisory/
http://secunia.com/secunia_research/2006-33/advisory/
http://secunia.com/secunia_research/2006-36/advisory
http://secunia.com/secunia_research/2006-38/advisory
http://secunia.com/secunia_research/2006-46/advisory/
http://secunia.com/secunia_research/2006-50/advisory/
izarc-unacev2-bo(26480)
powerarchiver-unacev2-ace-bo(26272)
risingantivirus-unacev2-bo(26736)
servant-salamander-unacev2-bo(26116)
tziptv-unacev2-bo(28787)
ultimatezip-unacev2-bo(26385)
whereisit-unacev2-bo(26315)
winhki-unacev2-bo(26142)

CWE    1
CWE-119

© 2013 SecPod Technologies