{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2856", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "automate-unacev2-bo(26982)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26982" }, { "name": "1016512", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016512" }, { "name": "http://secunia.com/secunia_research/2006-24/advisory", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-24/advisory" }, { "name": "ADV-2006-2824", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2824" }, { "name": "49", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/49" }, { "name": "19884", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19884" }, { "name": "eazel-ztvunacev2-bo(26479)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26479" }, { "name": "ADV-2006-1797", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1797" }, { "name": "20060517 Secunia Research: Eazel unacev2.dll Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/434279/100/0/threaded" }, { "name": "1014863", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014863" }, { "name": "1016011", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016011" }, { "name": "1016115", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016115" }, { "name": "19939", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19939" }, { "name": "http://secunia.com/secunia_research/2006-46/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-46/advisory/" }, { "name": "1016065", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016065" }, { "name": "ADV-2006-1835", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1835" }, { "name": "1016088", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016088" }, { "name": "ADV-2006-3495", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3495" }, { "name": "19967", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19967" }, { "name": "http://secunia.com/secunia_research/2006-27/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-27/" }, { "name": "1016177", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016177" }, { "name": "1016114", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016114" }, { "name": "powerarchiver-unacev2-ace-bo(26272)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26272" }, { "name": "http://secunia.com/secunia_research/2006-50/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-50/advisory/" }, { "name": "20060501 Secunia Research: WinHKI unacev2.dll Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/432579/100/0/threaded" }, { "name": "19931", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19931" }, { "name": "http://secunia.com/secunia_research/2006-36/advisory", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-36/advisory" }, { "name": "http://secunia.com/secunia_research/2006-28/advisory", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-28/advisory" }, { "name": "filzip-unacev2-bo(26447)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26447" }, { "name": "19975", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19975" }, { "name": "ADV-2006-1775", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1775" }, { "name": "16479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16479" }, { "name": "ultimatezip-unacev2-bo(26385)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26385" }, { "name": "servant-salamander-unacev2-bo(26116)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26116" }, { "name": "20060609 Secunia Research: AutoMate unacev2.dll Buffer OverflowVulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/436639/100/0/threaded" }, { "name": "ADV-2006-1611", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1611" }, { "name": "ADV-2006-1681", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1681" }, { "name": "20060511 Secunia Research: UltimateZip unacev2.dll Buffer OverflowVulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/433693/100/0/threaded" }, { "name": "ADV-2006-2184", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2184" }, { "name": "ADV-2006-1577", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1577" }, { "name": "http://secunia.com/secunia_research/2006-33/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-33/advisory/" }, { "name": "http://secunia.com/secunia_research/2006-29/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-29/advisory/" }, { "name": "20060517 Secunia Research: IZArc unacev2.dll Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/434234/100/0/threaded" }, { "name": "19938", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19938" }, { "name": "19581", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19581" }, { "name": "antitrojan-unacev2-bo(26302)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26302" }, { "name": "ADV-2006-1694", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1694" }, { "name": "20270", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20270" }, { "name": "19890", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19890" }, { "name": "19977", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19977" }, { "name": "winhki-unacev2-bo(26142)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26142" }, { "name": "http://secunia.com/secunia_research/2006-38/advisory", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-38/advisory" }, { "name": "19596", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19596" }, { "name": "http://secunia.com/secunia_research/2005-41/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2005-41/advisory/" }, { "name": "1016066", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016066" }, { "name": "20060717 Secunia Research: BitZipper unacev2.dll Buffer OverflowVulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/440303/100/0/threaded" }, { "name": "19458", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19458" }, { "name": "http://secunia.com/secunia_research/2006-25/advisory", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-25/advisory" }, { "name": "1016012", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016012" }, { "name": "risingantivirus-unacev2-bo(26736)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26736" }, { "name": "http://secunia.com/secunia_research/2006-32/advisory/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-32/advisory/" }, { "name": "19454", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19454" }, { "name": "20060508 Secunia Research: Anti-Trojan unacev2.dll Buffer OverflowVulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/433258/100/0/threaded" }, { "name": "http://secunia.com/secunia_research/2006-30/advisory", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2006-30/advisory" }, { "name": "whereisit-unacev2-bo(26315)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26315" }, { "name": "20060428 Secunia Research: Servant Salamander unacev2.dll Buffer OverflowVulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/432357/100/0/threaded" }, { "name": "25129", "refsource": "OSVDB", "url": "http://www.osvdb.org/25129" }, { "name": "bitzipper-unacev2-bo(27763)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27763" }, { "name": "19834", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19834" }, { "name": "20060515 Secunia Research: FilZip unacev2.dll Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/434011/100/0/threaded" }, { "name": "tziptv-unacev2-bo(28787)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28787" }, { "name": "20060509 Secunia Research: Where Is It unacev2.dll Buffer OverflowVulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/433352/100/0/threaded" }, { "name": "20009", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20009" }, { "name": "izarc-unacev2-bo(26480)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26480" }, { "name": "ADV-2006-2047", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2047" }, { "name": "extractnow-unacev2-ace-bo(26168)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26168" }, { "name": "14759", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14759" }, { "name": "ADV-2006-1836", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1836" }, { "name": "1016257", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016257" }, { "name": "19612", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19612" }, { "name": "ADV-2006-1565", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1565" }, { "name": "ADV-2006-1725", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1725" }, { "name": "1015852", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015852" }, { "name": "20050908 Secunia Research: ALZip ACE Archive Handling Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=112621008228458&w=2" } ] } }