5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
74.5%
Ulf Härnhammar reports:
There are buffer overflows when extracting, testing or
listing specially prepared ACE archives.
There are directory traversal bugs when extracting ACE
archives.
There are also buffer overflows when dealing with long
(>17000 characters) command line arguments.
Secunia reports:
The vulnerabilities have been confirmed in version 1.2b.
One of the buffer overflow vulnerabilities have also been
reported in version 2.04, 2.2 and 2.5. Other versions may
also be affected.
Successful exploitation may allow execution of arbitrary
code.