E-Mail:

unace Directory Traversal and Buffer Overflow Vulnerabilities

Saturday, March 5th, 2005
by Marc Erickson

Secunia Advisory: SA14359

Critical: Moderately critical

Impact: System access

Where: From remote

Solution Status: Unpatched

Software: unace 1.x, unace 2.x

Ulf Härnhammar has discovered some vulnerabilities in unace, which can be exploited by malicious people to compromise a user’s system.

The vulnerabilities have been confirmed in version 1.2b. One of the buffer overflow vulnerabilities have also been reported in version 2.04, 2.2 and 2.5. Other versions may also be affected.

Successful exploitation may allow execution of arbitrary code.

Solution: Do not extract, list, or test untrusted ACE archives.

Use another product.

Full article: Secunia Advisory: SA14359

Tags
Categories

What Do You Think?

 

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense your hard-earned information back to the community, get involved in our community site today! You can write about anything - no matter the topic. Exceptional candidates will be offered the chance to contribute to (and generate revenue from) the main Lockergnome site. Join us today!

Environment - Dec 2, 2008

New Environmental Threat Discovered In North American Lakes

Internet - Nov 26, 2008

AskPatty.com Launches The Ultimate Experience For Women Car Buyers

Environment - Nov 20, 2008

Effective Global Regulation

Energy - Nov 18, 2008

Hybrid Cars Too Quiet For Pedestrian Safety?

65 queries / 0.371 seconds.