Lucene search

[email protected]CVE-2005-2385

HistoryJul 27, 2005 - 4:00 a.m.

CVE-2005-2385

2005-07-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-2385

buffer overflow

unacev2.dll

avast! antivirus

ace archive

remote code execution

vulnerability

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename.

CPENameOperatorVersion
alwil:avast_antivirusalwil avast antiviruseq4.6.665
alwil:avast_antivirusalwil avast antiviruseq4.6.460

CPE	Name	Operator	Version
alwil:avast_antivirus	alwil avast antivirus	eq	4.6.665
alwil:avast_antivirus	alwil avast antivirus	eq	4.6.460

References

secunia.com/advisories/15776

secunia.com/secunia_research/2005-20/advisory/

securitytracker.com/id?1014544

www.avast.com/eng/av4_revision_history.html

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2005-2385

checkpoint_advisories1