What is the severity of CVE-2005-2856?

CVE-2005-2856 is classified as a high severity vulnerability due to its potential for exploitation via stack-based buffer overflow.

How do I fix CVE-2005-2856?

To mitigate CVE-2005-2856, update to WinACE version 2.6.0.0 or later, which addresses this vulnerability.

What systems are affected by CVE-2005-2856?

CVE-2005-2856 affects multiple products that utilize the WinACE UNACEV2.DLL compression utility, specifically versions below 2.6.0.0.

What type of vulnerability is CVE-2005-2856?

CVE-2005-2856 is a stack-based buffer overflow vulnerability that can lead to arbitrary code execution.

Can CVE-2005-2856 be exploited remotely?

Yes, CVE-2005-2856 can potentially be exploited remotely through crafted archive files.

Vulnerability/
CVE-2005-2856

high

7.5

CWE

119

8/9/2005

7/8/2024

CVE-2005-2856: Buffer Overflow

First published: Thu Sep 08 2005(Updated: )

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
WinAce	=2.6.0.0

Remedy

http://secunia.com/advisories/16479

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-2856?
CVE-2005-2856 is classified as a high severity vulnerability due to its potential for exploitation via stack-based buffer overflow.
How do I fix CVE-2005-2856?
To mitigate CVE-2005-2856, update to WinACE version 2.6.0.0 or later, which addresses this vulnerability.
What systems are affected by CVE-2005-2856?
CVE-2005-2856 affects multiple products that utilize the WinACE UNACEV2.DLL compression utility, specifically versions below 2.6.0.0.
What type of vulnerability is CVE-2005-2856?
CVE-2005-2856 is a stack-based buffer overflow vulnerability that can lead to arbitrary code execution.
Can CVE-2005-2856 be exploited remotely?
Yes, CVE-2005-2856 can potentially be exploited remotely through crafted archive files.

agent/references
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/last-modified-date
agent/author
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/winace
canonical/winace
version/winace/2.6.0.0