50 matches found
EUVD-2006-0984
Malware in sbrugna...
EUVD-2007-2528
Malware in sbrugna...
EUVD-2005-2695
Malware in sbrugna...
EUVD-2006-0819
Malware in sbrugna...
Winace UnAce 1.x ACE Archive Remote Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12628/info A remotely exploitable client-side directory-traversal vulnerability affects Winace unace. The application fails to properly sanitize file and directory names contained within malicious ACE format archives. An...
Winace 2.2 Malformed Filename Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33049/info Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue, attackers may also be able ...
Winace UnAce 2.2 Command Line Argument Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/9002/info UnAce has been reported to be prone to a buffer overflow vulnerability. The issue presents itself when UnAce handles ace filenames that are of excessive length. When this filename is passed to the UnAce utility ...
Winace UnAce 2.2 Command Line Argument Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/9002/info UnAce has been reported to be prone to a buffer overflow vulnerability. The issue presents itself when UnAce handles ace filenames that are of excessive length. When this filename is passed to the UnAce utility ...
WinACE RAR and TAR Directory Traversal (CVE-2006-0981)
WinACE Archiver is an application that can compress to and decompress from various archive formats. The compression mainly supports ACE, LZA, MS-CAB, ZIP archive formats, however the decompression support includes a wider range of compression formats including TAR, RAR, and others. There exists a...
Winace 2.2 - Malformed Filename Remote Denial of Service
Winace 2.2 - Malformed Filename Remote Denial of Service source: https://www.securityfocus.com/bid/33049/info Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue,...
Winace 2.2 - Malformed Filename Remote Denial of Service
source: https://www.securityfocus.com/bid/33049/info Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this ha...
WinAce buffer overflow vulnerability
Overview WinAce provided by e-merge GmbH is vulnerable to buffer overflow. WinAce provided by e-merge GmbH is software to compress and decompress files in multiple types of compression format. WinAce is vulnerable to buffer overflow. When WinAce decompresses a specially crafted file, this...
Heap overflow
Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive...
CVE-2007-6563
Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive...
CVE-2007-6563
WinAce (by e-merge GmbH) is vulnerable to a heap-based buffer overflow in 2.65 and earlier (and possibly other versions before 2.69). A specially crafted long filename in a compressed UUE archive can cause a user-assisted remote attacker to execute arbitrary code with the user’s privileges. The J...
CVE-2007-6563
Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive...
Winace UUE文件解压堆溢出漏洞
BUGTRAQ ID: 27017 Winace是一款支持多种格式的压缩/解压程序。 Winace在处理畸形格式的UUE文档时存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户系统。 如果用户受骗使用Winace解压了包含有超长文件名的UUE文件的话,就可能触发堆溢出,导致执行任意代码。 e-merge GmbH Winace 2.65 e-merge GmbH Winace 2.60 厂商补丁: e-merge GmbH ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.winace.com/down.html...
JVN#44736880 WinAce buffer overflow vulnerability
WinAce provided by e-merge GmbH is software to compress and decompress files in multiple types of compression format. WinAce is vulnerable to buffer overflow. When WinAce decompresses a specially crafted file, this vulnerability can be exploited to execute arbitrary code with the privilege of the...
CVE-2007-2535
WinAce allows remote attackers to cause a denial of service infinite loop via a ZOO archive with a direntry structure that points to a previous file...
Code injection
WinAce allows remote attackers to cause a denial of service infinite loop via a ZOO archive with a direntry structure that points to a previous file...