Published: 08/09/2005 Updated: 19/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Winace

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility prior to 2.6.0.0, as used in multiple products including (1) ALZip 5.51 up to and including 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver prior to 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and previous versions, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted malicious users to execute arbitrary code via a long filename in an ACE archive.

Vulnerable Product	Search on Vulmon	Subscribe to Product
winace winace 2.6.0.0

/* -- /\ \/ Total Commander unacev2dll Buffer Overflow PoC Exploit /\ by Darkeagle of Unl0ck Research Team \/ unl0cknet /\ \/ when file will be created, try to open archive in TotalCmd and then unpack it ;) /\ \/ -- */ #include <stringh> #include <stdioh> unsigned char evil_ace[] = "\x29\x8F\x31\x00\x00\x00\x90\x2A\ ...

CWE-119 http://secunia.com/advisories/16479 http://secunia.com/secunia_research/2005-41/advisory/http://www.securityfocus.com/bid/14759 http://secunia.com/secunia_research/2006-24/advisory http://secunia.com/secunia_research/2006-25/advisory http://www.osvdb.org/25129 http://securitytracker.com/id?1016011 http://securitytracker.com/id?1016012 http://securitytracker.com/id?1015852 http://securitytracker.com/id?1014863 http://secunia.com/advisories/19454 http://secunia.com/advisories/19458 http://secunia.com/advisories/19581 http://secunia.com/advisories/19612 http://secunia.com/secunia_research/2006-27/http://secunia.com/advisories/19975 http://secunia.com/advisories/19977 http://secunia.com/secunia_research/2006-28/advisory http://secunia.com/secunia_research/2006-29/advisory/http://secunia.com/advisories/19596 http://secunia.com/advisories/19931 http://secunia.com/secunia_research/2006-30/advisory http://secunia.com/secunia_research/2006-32/advisory/http://secunia.com/secunia_research/2006-33/advisory/http://securitytracker.com/id?1016065 http://securitytracker.com/id?1016088 http://secunia.com/advisories/19834 http://secunia.com/advisories/19938 http://secunia.com/advisories/19967 http://securitytracker.com/id?1016066 http://securitytracker.com/id?1016114 http://securitytracker.com/id?1016115 http://secunia.com/secunia_research/2006-36/advisory http://securitytracker.com/id?1016177 http://secunia.com/advisories/20009 http://secunia.com/secunia_research/2006-38/advisory http://secunia.com/advisories/19890 http://securitytracker.com/id?1016257 http://secunia.com/secunia_research/2006-46/advisory/http://secunia.com/advisories/19939 http://securitytracker.com/id?1016512 http://secunia.com/secunia_research/2006-50/advisory/http://www.securityfocus.com/bid/19884 http://secunia.com/advisories/20270 http://securityreason.com/securityalert/49 http://www.vupen.com/english/advisories/2006/2184 http://www.vupen.com/english/advisories/2006/1681 http://www.vupen.com/english/advisories/2006/1775 http://www.vupen.com/english/advisories/2006/1836 http://www.vupen.com/english/advisories/2006/1565 http://www.vupen.com/english/advisories/2006/2047 http://www.vupen.com/english/advisories/2006/1725 http://www.vupen.com/english/advisories/2006/1611 http://www.vupen.com/english/advisories/2006/1797 http://www.vupen.com/english/advisories/2006/1694 http://www.vupen.com/english/advisories/2006/3495 http://www.vupen.com/english/advisories/2006/1835 http://www.vupen.com/english/advisories/2006/1577 http://www.vupen.com/english/advisories/2006/2824 http://marc.info/?l=bugtraq&m=112621008228458&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/28787 https://exchange.xforce.ibmcloud.com/vulnerabilities/27763 https://exchange.xforce.ibmcloud.com/vulnerabilities/26982 https://exchange.xforce.ibmcloud.com/vulnerabilities/26736 https://exchange.xforce.ibmcloud.com/vulnerabilities/26480 https://exchange.xforce.ibmcloud.com/vulnerabilities/26479 https://exchange.xforce.ibmcloud.com/vulnerabilities/26447 https://exchange.xforce.ibmcloud.com/vulnerabilities/26385 https://exchange.xforce.ibmcloud.com/vulnerabilities/26315 https://exchange.xforce.ibmcloud.com/vulnerabilities/26302 https://exchange.xforce.ibmcloud.com/vulnerabilities/26272 https://exchange.xforce.ibmcloud.com/vulnerabilities/26168 https://exchange.xforce.ibmcloud.com/vulnerabilities/26142 https://exchange.xforce.ibmcloud.com/vulnerabilities/26116 http://www.securityfocus.com/archive/1/440303/100/0/threaded http://www.securityfocus.com/archive/1/436639/100/0/threaded http://www.securityfocus.com/archive/1/434279/100/0/threaded http://www.securityfocus.com/archive/1/434234/100/0/threaded http://www.securityfocus.com/archive/1/434011/100/0/threaded http://www.securityfocus.com/archive/1/433693/100/0/threaded http://www.securityfocus.com/archive/1/433352/100/0/threaded http://www.securityfocus.com/archive/1/433258/100/0/threaded http://www.securityfocus.com/archive/1/432579/100/0/threaded http://www.securityfocus.com/archive/1/432357/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1633/

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook