CVE-2005-2856 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-2856
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2856

Description: Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26447 http://xforce.iss.net/xforce/xfdb/26480 http://xforce.iss.net/xforce/xfdb/26479 http://xforce.iss.net/xforce/xfdb/27763 http://xforce.iss.net/xforce/xfdb/26168 http://xforce.iss.net/xforce/xfdb/26385 http://xforce.iss.net/xforce/xfdb/26315 http://xforce.iss.net/xforce/xfdb/26142 http://xforce.iss.net/xforce/xfdb/26302 http://xforce.iss.net/xforce/xfdb/26982 http://xforce.iss.net/xforce/xfdb/26272 http://xforce.iss.net/xforce/xfdb/26736 http://xforce.iss.net/xforce/xfdb/26116 ST 1016512 1016257 1016177 1016115 1016114 1016066 1016088 1014863 1016065 1016012 1015852 1016011 SREASON http://securityreason.com/securityalert/49 SAID Secunia Advisory: SA20270 Secunia Advisory: SA19939 Secunia Advisory: SA19890 Secunia Advisory: SA20009 Secunia Advisory: SA19967 Secunia Advisory: SA19938 Secunia Advisory: SA19931 Secunia Advisory: SA19834 Secunia Advisory: SA19596 Secunia Advisory: SA19977 Secunia Advisory: SA19975 Secunia Advisory: SA19612 Secunia Advisory: SA19581 Secunia Advisory: SA19458 Secunia Advisory: SA19454 Secunia Advisory: SA16479 OSVDB 25129 MISC http://secunia.com/secunia_research/2006-50/advisory/ http://secunia.com/secunia_research/2006-46/advisory/ http://secunia.com/secunia_research/2006-38/advisory http://secunia.com/secunia_research/2006-36/advisory http://secunia.com/secunia_research/2006-33/advisory/ http://secunia.com/secunia_research/2006-32/advisory/ http://secunia.com/secunia_research/2006-30/advisory http://secunia.com/secunia_research/2006-29/advisory/ http://secunia.com/secunia_research/2006-28/advisory http://secunia.com/secunia_research/2006-27/ http://secunia.com/secunia_research/2006-25/advisory http://secunia.com/secunia_research/2006-24/advisory http://secunia.com/secunia_research/2005-41/advisory/ BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/440303/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/436639/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/434279/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/434234/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/434011/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/433352/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/433693/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/433258/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/432579/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/432357/100/0/threaded http://marc.theaimsgroup.com/?l=bugtraq&m=112621008228458&w=2 BID 14759 19884

Return to the previous page.