CVE-2007-6563
https://notcve.org/view.php?id=CVE-2007-6563
Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive. Desbordamiento de búfer basado en montículo en WinAce 2.65 y versiones anteriores, y posiblemente otras versiones anteriores a 2.69, permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un nombre de fichero largo en un archivo comprimido UUE. • http://jvn.jp/jp/JVN%2344736880/index.html http://jvndb.jvn.jp/contents/ja/2007/JVNDB-2007-000822.html http://osvdb.org/40267 http://secunia.com/advisories/28215 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071225 http://www.securityfocus.com/bid/27017 http://www.vupen.com/english/advisories/2007/4312 https://exchange.xforce.ibmcloud.com/vulnerabilities/39268 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-1673
https://notcve.org/view.php?id=CVE-2007-1673
unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versión 2.4.1 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior. • http://osvdb.org/36208 http://secunia.com/advisories/25315 http://securityreason.com/securityalert/2680 http://www.amavis.org/security/asa-2007-2.txt http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 • CWE-399: Resource Management Errors •
CVE-2007-2535
https://notcve.org/view.php?id=CVE-2007-2535
WinAce allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. WinAce permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un archivo ZOO con una estructura de entrada de directorio (direntry structure) que apunta a un fichero anterior. • http://osvdb.org/41750 http://securityreason.com/securityalert/2680 http://www.securityfocus.com/archive/1/467646/100/0/threaded http://www.securityfocus.com/bid/23823 https://exchange.xforce.ibmcloud.com/vulnerabilities/34080 •
CVE-2006-0813
https://notcve.org/view.php?id=CVE-2006-0813
Heap-based buffer overflow in WinACE 2.60 allows user-assisted attackers to execute arbitrary code via a large header block in an ARJ archive. • http://secunia.com/advisories/17251 http://secunia.com/secunia_research/2005-67/advisory http://securityreason.com/securityalert/479 http://securitytracker.com/id?1015672 http://www.osvdb.org/23383 http://www.securityfocus.com/archive/1/425894/100/0/threaded http://www.securityfocus.com/bid/16786 http://www.vupen.com/english/advisories/2006/0709 https://exchange.xforce.ibmcloud.com/vulnerabilities/24872 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-2856 – Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2005-2856
Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive. • https://www.exploit-db.com/exploits/1633 http://marc.info/?l=bugtraq&m=112621008228458&w=2 http://secunia.com/advisories/16479 http://secunia.com/advisories/19454 http://secunia.com/advisories/19458 http://secunia.com/advisories/19581 http://secunia.com/advisories/19596 http://secunia.com/advisories/19612 http://secunia.com/advisories/19834 http://secunia.com/advisories/19890 http://secunia.com/advisories/19931 http://secunia.com/advisories/19938 http://secunia.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •