CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
89.2%
Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
marc.info/?l=bugtraq&m=112621008228458&w=2
secunia.com/advisories/16479
secunia.com/advisories/19454
secunia.com/advisories/19458
secunia.com/advisories/19581
secunia.com/advisories/19596
secunia.com/advisories/19612
secunia.com/advisories/19834
secunia.com/advisories/19890
secunia.com/advisories/19931
secunia.com/advisories/19938
secunia.com/advisories/19939
secunia.com/advisories/19967
secunia.com/advisories/19975
secunia.com/advisories/19977
secunia.com/advisories/20009
secunia.com/advisories/20270
secunia.com/secunia_research/2005-41/advisory/
secunia.com/secunia_research/2006-24/advisory
secunia.com/secunia_research/2006-25/advisory
secunia.com/secunia_research/2006-27/
secunia.com/secunia_research/2006-28/advisory
secunia.com/secunia_research/2006-29/advisory/
secunia.com/secunia_research/2006-30/advisory
secunia.com/secunia_research/2006-32/advisory/
secunia.com/secunia_research/2006-33/advisory/
secunia.com/secunia_research/2006-36/advisory
secunia.com/secunia_research/2006-38/advisory
secunia.com/secunia_research/2006-46/advisory/
secunia.com/secunia_research/2006-50/advisory/
securityreason.com/securityalert/49
securitytracker.com/id?1014863
securitytracker.com/id?1015852
securitytracker.com/id?1016011
securitytracker.com/id?1016012
securitytracker.com/id?1016065
securitytracker.com/id?1016066
securitytracker.com/id?1016088
securitytracker.com/id?1016114
securitytracker.com/id?1016115
securitytracker.com/id?1016177
securitytracker.com/id?1016257
securitytracker.com/id?1016512
www.osvdb.org/25129
www.securityfocus.com/archive/1/432357/100/0/threaded
www.securityfocus.com/archive/1/432579/100/0/threaded
www.securityfocus.com/archive/1/433258/100/0/threaded
www.securityfocus.com/archive/1/433352/100/0/threaded
www.securityfocus.com/archive/1/433693/100/0/threaded
www.securityfocus.com/archive/1/434011/100/0/threaded
www.securityfocus.com/archive/1/434234/100/0/threaded
www.securityfocus.com/archive/1/434279/100/0/threaded
www.securityfocus.com/archive/1/436639/100/0/threaded
www.securityfocus.com/archive/1/440303/100/0/threaded
www.securityfocus.com/bid/14759
www.securityfocus.com/bid/19884
www.vupen.com/english/advisories/2006/1565
www.vupen.com/english/advisories/2006/1577
www.vupen.com/english/advisories/2006/1611
www.vupen.com/english/advisories/2006/1681
www.vupen.com/english/advisories/2006/1694
www.vupen.com/english/advisories/2006/1725
www.vupen.com/english/advisories/2006/1775
www.vupen.com/english/advisories/2006/1797
www.vupen.com/english/advisories/2006/1835
www.vupen.com/english/advisories/2006/1836
www.vupen.com/english/advisories/2006/2047
www.vupen.com/english/advisories/2006/2184
www.vupen.com/english/advisories/2006/2824
www.vupen.com/english/advisories/2006/3495
exchange.xforce.ibmcloud.com/vulnerabilities/26116
exchange.xforce.ibmcloud.com/vulnerabilities/26142
exchange.xforce.ibmcloud.com/vulnerabilities/26168
exchange.xforce.ibmcloud.com/vulnerabilities/26272
exchange.xforce.ibmcloud.com/vulnerabilities/26302
exchange.xforce.ibmcloud.com/vulnerabilities/26315
exchange.xforce.ibmcloud.com/vulnerabilities/26385
exchange.xforce.ibmcloud.com/vulnerabilities/26447
exchange.xforce.ibmcloud.com/vulnerabilities/26479
exchange.xforce.ibmcloud.com/vulnerabilities/26480
exchange.xforce.ibmcloud.com/vulnerabilities/26736
exchange.xforce.ibmcloud.com/vulnerabilities/26982
exchange.xforce.ibmcloud.com/vulnerabilities/27763
exchange.xforce.ibmcloud.com/vulnerabilities/28787