CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 2CVE-2015-2063 – Debian Security Advisory 3178-1
https://notcve.org/view.php?id=CVE-2015-2063
03 Mar 2015 — Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow. Desbordamiento de enteros en unace 1.2b permite a atacantes remotos causar una denegación de servicio (caída) a través de una cabecera de fichero pequeña en un archivo ace, lo que provoca un desbordamiento de buffer. Jakub Wilk discovered that unace, an utility to extract, test and view .ace archives, contained an integer overflow leading to... • http://www.debian.org/security/2015/dsa-3178 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 23%CPEs: 1EXPL: 0CVE-2007-6563
https://notcve.org/view.php?id=CVE-2007-6563
28 Dec 2007 — Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE archive. Desbordamiento de búfer basado en montículo en WinAce 2.65 y versiones anteriores, y posiblemente otras versiones anteriores a 2.69, permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un nombre de fichero largo en un archivo comprimido UUE. • http://jvn.jp/jp/JVN%2344736880/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 59EXPL: 1CVE-2007-1673
https://notcve.org/view.php?id=CVE-2007-1673
09 May 2007 — unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. El archivo unzoo.c, tal como se utiliza en varios productos, incluyendo AMaViS versión 2.4.1 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de un archivo ZOO con una estructura direntry que apunta hacia un archivo anterior. • http://osvdb.org/36208 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2007-2535
https://notcve.org/view.php?id=CVE-2007-2535
09 May 2007 — WinAce allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. WinAce permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un archivo ZOO con una estructura de entrada de directorio (direntry structure) que apunta a un fichero anterior. • http://osvdb.org/41750 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-0813
https://notcve.org/view.php?id=CVE-2006-0813
24 Feb 2006 — Heap-based buffer overflow in WinACE 2.60 allows user-assisted attackers to execute arbitrary code via a large header block in an ARJ archive. • http://secunia.com/advisories/17251 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 21%CPEs: 1EXPL: 1CVE-2005-2856 – Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2005-2856
08 Sep 2005 — Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and ea... • https://www.exploit-db.com/exploits/1633 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1CVE-2005-2694 – WinAce 2.6.0.5 - Temporary File Parsing Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2694
25 Aug 2005 — Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allows remote attackers to execute arbitrary code via a temporary (.tmp) file that contains an entry with a long file name. • https://www.exploit-db.com/exploits/1168 •