Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2005-2856

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.216
EPSS Ranking 95.5%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2005-2856
  • Winace » Winace » Version: 2.6.0.0
    cpe:2.3:a:winace:winace:2.6.0.0


Contact Us

Shodan ® - All rights reserved