Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
References
Configurations
History
21 Nov 2024, 00:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=112621008228458&w=2 - | |
References | () http://secunia.com/advisories/16479 - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/19454 - Vendor Advisory | |
References | () http://secunia.com/advisories/19458 - Vendor Advisory | |
References | () http://secunia.com/advisories/19581 - Vendor Advisory | |
References | () http://secunia.com/advisories/19596 - | |
References | () http://secunia.com/advisories/19612 - | |
References | () http://secunia.com/advisories/19834 - Vendor Advisory | |
References | () http://secunia.com/advisories/19890 - Vendor Advisory | |
References | () http://secunia.com/advisories/19931 - | |
References | () http://secunia.com/advisories/19938 - Vendor Advisory | |
References | () http://secunia.com/advisories/19939 - | |
References | () http://secunia.com/advisories/19967 - Vendor Advisory | |
References | () http://secunia.com/advisories/19975 - Vendor Advisory | |
References | () http://secunia.com/advisories/19977 - Vendor Advisory | |
References | () http://secunia.com/advisories/20009 - Vendor Advisory | |
References | () http://secunia.com/advisories/20270 - | |
References | () http://secunia.com/secunia_research/2005-41/advisory/ - | |
References | () http://secunia.com/secunia_research/2006-24/advisory - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-25/advisory - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-27/ - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-28/advisory - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-29/advisory/ - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-30/advisory - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-32/advisory/ - | |
References | () http://secunia.com/secunia_research/2006-33/advisory/ - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-36/advisory - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-38/advisory - Vendor Advisory | |
References | () http://secunia.com/secunia_research/2006-46/advisory/ - | |
References | () http://secunia.com/secunia_research/2006-50/advisory/ - | |
References | () http://securityreason.com/securityalert/49 - | |
References | () http://securitytracker.com/id?1014863 - | |
References | () http://securitytracker.com/id?1015852 - | |
References | () http://securitytracker.com/id?1016011 - | |
References | () http://securitytracker.com/id?1016012 - | |
References | () http://securitytracker.com/id?1016065 - | |
References | () http://securitytracker.com/id?1016066 - | |
References | () http://securitytracker.com/id?1016088 - | |
References | () http://securitytracker.com/id?1016114 - | |
References | () http://securitytracker.com/id?1016115 - | |
References | () http://securitytracker.com/id?1016177 - | |
References | () http://securitytracker.com/id?1016257 - | |
References | () http://securitytracker.com/id?1016512 - | |
References | () http://www.osvdb.org/25129 - | |
References | () http://www.securityfocus.com/archive/1/432357/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/432579/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/433258/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/433352/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/433693/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/434011/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/434234/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/434279/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/436639/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/440303/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/14759 - | |
References | () http://www.securityfocus.com/bid/19884 - | |
References | () http://www.vupen.com/english/advisories/2006/1565 - | |
References | () http://www.vupen.com/english/advisories/2006/1577 - | |
References | () http://www.vupen.com/english/advisories/2006/1611 - | |
References | () http://www.vupen.com/english/advisories/2006/1681 - | |
References | () http://www.vupen.com/english/advisories/2006/1694 - | |
References | () http://www.vupen.com/english/advisories/2006/1725 - | |
References | () http://www.vupen.com/english/advisories/2006/1775 - | |
References | () http://www.vupen.com/english/advisories/2006/1797 - | |
References | () http://www.vupen.com/english/advisories/2006/1835 - | |
References | () http://www.vupen.com/english/advisories/2006/1836 - | |
References | () http://www.vupen.com/english/advisories/2006/2047 - | |
References | () http://www.vupen.com/english/advisories/2006/2184 - | |
References | () http://www.vupen.com/english/advisories/2006/2824 - | |
References | () http://www.vupen.com/english/advisories/2006/3495 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26116 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26142 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26168 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26272 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26302 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26315 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26385 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26447 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26479 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26480 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26736 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26982 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/27763 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/28787 - |
Information
Published : 2005-09-08 10:03
Updated : 2024-11-21 00:00
NVD link : CVE-2005-2856
Mitre link : CVE-2005-2856
CVE.ORG link : CVE-2005-2856
JSON object : View
Products Affected
winace
- winace
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer