CVE-2005-2856

Total Commander 6.x - 'unacev2.dll' Buffer Overflow (PoC)

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2005-09-08 CVE Reserved
2005-09-08 CVE Published
2006-04-02 First Exploit
2024-08-07 CVE Updated
2024-08-15 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (85)

URL	Tag	Source
http://marc.info/?l=bugtraq&m=112621008228458&w=2	Mailing List
http://secunia.com/advisories/19596	Third Party Advisory
http://secunia.com/advisories/19612	Third Party Advisory
http://secunia.com/advisories/19931	Third Party Advisory
http://secunia.com/advisories/19939	Third Party Advisory
http://secunia.com/advisories/20270	Third Party Advisory
http://secunia.com/secunia_research/2005-41/advisory	X_refsource_misc
http://secunia.com/secunia_research/2006-32/advisory	X_refsource_misc
http://secunia.com/secunia_research/2006-46/advisory	X_refsource_misc
http://secunia.com/secunia_research/2006-50/advisory	X_refsource_misc
http://securityreason.com/securityalert/49	Third Party Advisory
http://securitytracker.com/id?1014863	Vdb Entry
http://securitytracker.com/id?1015852	Vdb Entry
http://securitytracker.com/id?1016011	Vdb Entry
http://securitytracker.com/id?1016012	Vdb Entry
http://securitytracker.com/id?1016065	Vdb Entry
http://securitytracker.com/id?1016066	Vdb Entry
http://securitytracker.com/id?1016088	Vdb Entry
http://securitytracker.com/id?1016114	Vdb Entry
http://securitytracker.com/id?1016115	Vdb Entry
http://securitytracker.com/id?1016177	Vdb Entry
http://securitytracker.com/id?1016257	Vdb Entry
http://securitytracker.com/id?1016512	Vdb Entry
http://www.osvdb.org/25129	Vdb Entry
http://www.securityfocus.com/archive/1/432357/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/432579/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/433258/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/433352/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/433693/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/434011/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/434234/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/434279/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/436639/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/440303/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/14759	Vdb Entry
http://www.securityfocus.com/bid/19884	Vdb Entry
http://www.vupen.com/english/advisories/2006/1565	Vdb Entry
http://www.vupen.com/english/advisories/2006/1577	Vdb Entry
http://www.vupen.com/english/advisories/2006/1611	Vdb Entry
http://www.vupen.com/english/advisories/2006/1681	Vdb Entry
http://www.vupen.com/english/advisories/2006/1694	Vdb Entry
http://www.vupen.com/english/advisories/2006/1725	Vdb Entry
http://www.vupen.com/english/advisories/2006/1775	Vdb Entry
http://www.vupen.com/english/advisories/2006/1797	Vdb Entry
http://www.vupen.com/english/advisories/2006/1835	Vdb Entry
http://www.vupen.com/english/advisories/2006/1836	Vdb Entry
http://www.vupen.com/english/advisories/2006/2047	Vdb Entry
http://www.vupen.com/english/advisories/2006/2184	Vdb Entry
http://www.vupen.com/english/advisories/2006/2824	Vdb Entry
http://www.vupen.com/english/advisories/2006/3495	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26116	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26142	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26168	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26272	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26302	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26315	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26385	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26447	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26479	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26480	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26736	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/26982	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/27763	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/28787	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/1633	2006-04-02

URL	Date	SRC
http://secunia.com/advisories/16479	2018-10-19

URL	Date	SRC
http://secunia.com/advisories/19454	2018-10-19
http://secunia.com/advisories/19458	2018-10-19
http://secunia.com/advisories/19581	2018-10-19
http://secunia.com/advisories/19834	2018-10-19
http://secunia.com/advisories/19890	2018-10-19
http://secunia.com/advisories/19938	2018-10-19
http://secunia.com/advisories/19967	2018-10-19
http://secunia.com/advisories/19975	2018-10-19
http://secunia.com/advisories/19977	2018-10-19
http://secunia.com/advisories/20009	2018-10-19
http://secunia.com/secunia_research/2006-24/advisory	2018-10-19
http://secunia.com/secunia_research/2006-25/advisory	2018-10-19
http://secunia.com/secunia_research/2006-27	2018-10-19
http://secunia.com/secunia_research/2006-28/advisory	2018-10-19
http://secunia.com/secunia_research/2006-29/advisory	2018-10-19
http://secunia.com/secunia_research/2006-30/advisory	2018-10-19
http://secunia.com/secunia_research/2006-33/advisory	2018-10-19
http://secunia.com/secunia_research/2006-36/advisory	2018-10-19
http://secunia.com/secunia_research/2006-38/advisory	2018-10-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Winace Search vendor "Winace"		Winace Search vendor "Winace" for product "Winace"				2.6.0.0 Search vendor "Winace" for product "Winace" and version "2.6.0.0"		-		Affected