unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename.
CVSS Score
2.6
EPSS Score
0.007
Published
2006-03-13
Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.
CVSS Score
7.5
EPSS Score
0.358
Published
2005-11-29