CVE-2005-2856

Summary

CVE	CVE-2005-2856
State	PUBLISHED
Assigner	mitre
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-09-08 10:03:00 UTC
Updated	2025-04-03 01:03:51 UTC
Description	Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.

Risk And Classification

Primary CVSS: v2.0 7.5 from [email protected]

AV:N/AC:L/Au:N/C:P/I:P/A:P

Problem Types: CWE-119 | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Winace	Winace	2.6.0.0	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
Secunia - Secunia Research - Anti-Trojan unacev2.dll Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
SecurityTracker.com Archives - Rising Antivirus Stack Overflow in Scanning ACE Archives Lets Remote Users Execute Arbitrary Code	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Anti-Trojan Buffer Overflow in 'unacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Secunia - Advisories - Servant Salamander unacev2.dll Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com
ZipTV ARJ Archive Handling and unacev2.dll Buffer Overflows - Advisories - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Secunia - Advisories - ALZip ACE Archive Handling Buffer Overflow	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Patch, Vendor Advisory
Eazel unacev2.dll Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Intelligence - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
PowerArchiver unacev2.dll Buffer Overflow Vulnerability - Advisories - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
Secunia - Advisories - Total Commander unacev2.dll Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Microchip Data Systems ZipTV TZipTV ARJ File Handling Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Secunia - Advisories - UltimateZip unacev2.dll Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com
FilZip unacev2.dll Buffer Overflow Vulnerability - Secunia Research - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
About Secunia Research \| Flexera	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
SecurityTracker.com Archives - Servant Salamander Buffer Overflow in 'unacev2.dll' Lets Remote Users Execute Arbitrary Code	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
WinHKI unacev2.dll Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Intelligence - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
SecurityTracker.com Archives - BitZipper Buffer Overflow in Processing ACE Archives Lets Remote Users Execute Arbitrary Code	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
'Secunia Research: ALZip ACE Archive Handling Buffer Overflow' - MARC	af854a3a-2127-422b-91ae-364da2661108	marc.info
Multiple Vendor UNACEV2 Archive File Name Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Eazel Buffer Overflow in 'ztvunacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
Where Is It unacev2.dll Buffer Overflow Vulnerability - Secunia Research - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
About Secunia Research \| Flexera	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Total Commander Buffer Overflow UNACEV2.DLL Lets Remote Users Cause Arbitrary Code to Be Executed - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
Webmail- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
BitZipper unacev2.dll Buffer Overflow Vulnerability - Advisories - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com
IZArc Buffer Overflow in 'unacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Secunia - Advisories - ExtractNow unacev2.dll Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
BitZipper unacev2.dll Buffer Overflow Vulnerability - Secunia Research - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com
AutoMate unacev2.dll Buffer Overflow Vulnerability - Advisories - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
About Secunia Research \| Flexera	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
SecurityTracker.com Archives - AutoMate Buffer Overflow in 'unacev2.dll' Lets Remote Users Execute Arbitrary Code	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
About Secunia Research \| Flexera	af854a3a-2127-422b-91ae-364da2661108	secunia.com
ALZip Buffer Overflow UNACEV2.DLL Lets Remote Users Cause Arbitrary Code to Be Executed - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
SecurityFocus	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com
IZArc unacev2.dll Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Intelligence - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
FilZip Buffer Overflow in 'unacev2.dll' in Processing ACE Archives Lets Remote Users Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Rising Antivirus unacev2.dll Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Intelligence - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
IZArc unacev2.dll Buffer Overflow Vulnerability - Secunia Research - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Where Is It unacev2.dll Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Intelligence - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
About Secunia Research \| Flexera	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
About Secunia Research \| Flexera	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
UltimateZIP Buffer Overflow in Extracting ACE Archives Lets Remote Users Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
Secunia - Advisories - Anti-Trojan unacev2.dll Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
ZipTV ARJ Archive Handling and unacev2.dll Buffer Overflows - Secunia Research - Secunia	af854a3a-2127-422b-91ae-364da2661108	secunia.com
www.osvdb.org/25129	af854a3a-2127-422b-91ae-364da2661108	www.osvdb.org
About Secunia Research \| Flexera	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
Secunia - Advisories - FilZip unacev2.dll Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	secunia.com	Vendor Advisory
WinHKI Buffer Overflow in 'ztvunacev2.dll' Lets Remote Users Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	securitytracker.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
SecurityReason - ALZip Multiple Archive Handling Buffer Overflow	af854a3a-2127-422b-91ae-364da2661108	securityreason.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.