Lucene search

[email protected]CVE-2005-2385

HistoryJul 27, 2005 - 4:00 a.m.

CVE-2005-2385

2005-07-2704:00:00

[email protected]

web.nvd.nist.gov

cve-2005-2385

buffer overflow

unacev2.dll

avast! antivirus

ace archive

remote code execution

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.053 Low

EPSS

Percentile

93.1%

JSON

Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename.

Affected configurations

NVD

Node

alwilavast_antivirusMatch4.6.460server

alwilavast_antivirusMatch4.6.665home

alwilavast_antivirusMatch4.6.665pro

CPENameOperatorVersion
alwil:avast_antivirusalwil avast antiviruseq4.6.460
alwil:avast_antivirusalwil avast antiviruseq4.6.665

CPE	Name	Operator	Version
alwil:avast_antivirus	alwil avast antivirus	eq	4.6.460
alwil:avast_antivirus	alwil avast antivirus	eq	4.6.665

References

secunia.com/advisories/15776

secunia.com/secunia_research/2005-20/advisory/

securitytracker.com/id?1014544

www.avast.com/eng/av4_revision_history.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.053 Low

EPSS

Percentile

93.1%

JSON

Related for CVE-2005-2385

checkpoint_advisories1 nvd1 cvelist1