unace -- multiple vulnerabilities

ID 1D3A2737-7EB7-11D9-ACF7-000854D03344
Type freebsd
Reporter FreeBSD
Modified 2006-09-26T00:00:00


Ulf Härnhammar reports:

There are buffer overflows when extracting, testing or listing specially prepared ACE archives. There are directory traversal bugs when extracting ACE archives. There are also buffer overflows when dealing with long (>17000 characters) command line arguments.

Secunia reports:

The vulnerabilities have been confirmed in version 1.2b. One of the buffer overflow vulnerabilities has also been reported in versions 2.04, 2.2 and 2.5. Other versions may also be affected. Successful exploitation may allow execution of arbitrary code.