JVN/CVE Demo: Cveinfos

CVE

Id: 14062
CVE No.: CVE-2005-2856
Status: Candidate
Description: Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
Phase: Assigned (20050908)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
103683	14062	CVE-2005-2856	BUGTRAQ:20050908 Secunia Research: ALZip ACE Archive Handling Buffer Overflow	View
103684	14062	CVE-2005-2856	URL:http://marc.info/?l=bugtraq&m=112621008228458&w=2	View
103685	14062	CVE-2005-2856	BUGTRAQ:20060428 Secunia Research: Servant Salamander unacev2.dll Buffer OverflowVulnerability	View
103686	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/432357/100/0/threaded	View
103687	14062	CVE-2005-2856	BUGTRAQ:20060501 Secunia Research: WinHKI unacev2.dll Buffer Overflow Vulnerability	View
103688	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/432579/100/0/threaded	View
103689	14062	CVE-2005-2856	BUGTRAQ:20060508 Secunia Research: Anti-Trojan unacev2.dll Buffer OverflowVulnerability	View
103690	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/433258/100/0/threaded	View
103691	14062	CVE-2005-2856	BUGTRAQ:20060511 Secunia Research: UltimateZip unacev2.dll Buffer OverflowVulnerability	View
103692	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/433693/100/0/threaded	View
103693	14062	CVE-2005-2856	BUGTRAQ:20060509 Secunia Research: Where Is It unacev2.dll Buffer OverflowVulnerability	View
103694	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/433352/100/0/threaded	View
103695	14062	CVE-2005-2856	BUGTRAQ:20060515 Secunia Research: FilZip unacev2.dll Buffer Overflow Vulnerability	View
103696	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/434011/100/0/threaded	View
103697	14062	CVE-2005-2856	BUGTRAQ:20060517 Secunia Research: IZArc unacev2.dll Buffer Overflow Vulnerability	View
103698	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/434234/100/0/threaded	View
103699	14062	CVE-2005-2856	BUGTRAQ:20060517 Secunia Research: Eazel unacev2.dll Buffer Overflow Vulnerability	View
103700	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/434279/100/0/threaded	View
103701	14062	CVE-2005-2856	BUGTRAQ:20060609 Secunia Research: AutoMate unacev2.dll Buffer OverflowVulnerability	View
103702	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/436639/100/0/threaded	View
103703	14062	CVE-2005-2856	BUGTRAQ:20060717 Secunia Research: BitZipper unacev2.dll Buffer OverflowVulnerability	View
103704	14062	CVE-2005-2856	URL:http://www.securityfocus.com/archive/1/archive/1/440303/100/0/threaded	View
103705	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2005-41/advisory/	View
103706	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-24/advisory	View
103707	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-25/advisory	View
103708	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-27/	View
103709	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-28/advisory	View
103710	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-29/advisory/	View
103711	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-30/advisory	View
103712	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-32/advisory/	View
103713	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-33/advisory/	View
103714	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-36/advisory	View
103715	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-38/advisory	View
103716	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-46/advisory/	View
103717	14062	CVE-2005-2856	MISC:http://secunia.com/secunia_research/2006-50/advisory/	View
103718	14062	CVE-2005-2856	BID:14759	View
103719	14062	CVE-2005-2856	URL:http://www.securityfocus.com/bid/14759	View
103720	14062	CVE-2005-2856	BID:19884	View
103721	14062	CVE-2005-2856	URL:http://www.securityfocus.com/bid/19884	View
103722	14062	CVE-2005-2856	VUPEN:ADV-2006-1565	View
103723	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1565	View
103724	14062	CVE-2005-2856	VUPEN:ADV-2006-1577	View
103725	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1577	View
103726	14062	CVE-2005-2856	VUPEN:ADV-2006-1611	View
103727	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1611	View
103728	14062	CVE-2005-2856	VUPEN:ADV-2006-1694	View
103729	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1694	View
103730	14062	CVE-2005-2856	VUPEN:ADV-2006-1681	View
103731	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1681	View
103732	14062	CVE-2005-2856	VUPEN:ADV-2006-1725	View
103733	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1725	View
103734	14062	CVE-2005-2856	VUPEN:ADV-2006-1797	View
103735	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1797	View
103736	14062	CVE-2005-2856	VUPEN:ADV-2006-1775	View
103737	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1775	View
103738	14062	CVE-2005-2856	VUPEN:ADV-2006-1835	View
103739	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1835	View
103740	14062	CVE-2005-2856	VUPEN:ADV-2006-1836	View
103741	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/1836	View
103742	14062	CVE-2005-2856	VUPEN:ADV-2006-2047	View
103743	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/2047	View
103744	14062	CVE-2005-2856	VUPEN:ADV-2006-2184	View
103745	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/2184	View
103746	14062	CVE-2005-2856	VUPEN:ADV-2006-2824	View
103747	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/2824	View
103748	14062	CVE-2005-2856	VUPEN:ADV-2006-3495	View
103749	14062	CVE-2005-2856	URL:http://www.vupen.com/english/advisories/2006/3495	View
103750	14062	CVE-2005-2856	OSVDB:25129	View
103751	14062	CVE-2005-2856	URL:http://www.osvdb.org/25129	View
103752	14062	CVE-2005-2856	SECTRACK:1016011	View
103753	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016011	View
103754	14062	CVE-2005-2856	SECTRACK:1016012	View
103755	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016012	View
103756	14062	CVE-2005-2856	SECTRACK:1015852	View
103757	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1015852	View
103758	14062	CVE-2005-2856	SECTRACK:1014863	View
103759	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1014863	View
103760	14062	CVE-2005-2856	SECTRACK:1016065	View
103761	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016065	View
103762	14062	CVE-2005-2856	SECTRACK:1016066	View
103763	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016066	View
103764	14062	CVE-2005-2856	SECTRACK:1016088	View
103765	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016088	View
103766	14062	CVE-2005-2856	SECTRACK:1016114	View
103767	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016114	View
103768	14062	CVE-2005-2856	SECTRACK:1016115	View
103769	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016115	View
103770	14062	CVE-2005-2856	SECTRACK:1016177	View
103771	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016177	View
103772	14062	CVE-2005-2856	SECTRACK:1016257	View
103773	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016257	View
103774	14062	CVE-2005-2856	SECTRACK:1016512	View
103775	14062	CVE-2005-2856	URL:http://securitytracker.com/id?1016512	View
103776	14062	CVE-2005-2856	SECUNIA:16479	View
103777	14062	CVE-2005-2856	URL:http://secunia.com/advisories/16479	View
103778	14062	CVE-2005-2856	SECUNIA:19454	View
103779	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19454	View
103780	14062	CVE-2005-2856	SECUNIA:19458	View
103781	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19458	View
103782	14062	CVE-2005-2856	SECUNIA:19581	View
103783	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19581	View
103784	14062	CVE-2005-2856	SECUNIA:19612	View
103785	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19612	View
103786	14062	CVE-2005-2856	SECUNIA:19975	View
103787	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19975	View
103788	14062	CVE-2005-2856	SECUNIA:19977	View
103789	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19977	View
103790	14062	CVE-2005-2856	SECUNIA:19596	View
103791	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19596	View
103792	14062	CVE-2005-2856	SECUNIA:19834	View
103793	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19834	View
103794	14062	CVE-2005-2856	SECUNIA:19931	View
103795	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19931	View
103796	14062	CVE-2005-2856	SECUNIA:19938	View
103797	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19938	View
103798	14062	CVE-2005-2856	SECUNIA:19967	View
103799	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19967	View
103800	14062	CVE-2005-2856	SECUNIA:20009	View
103801	14062	CVE-2005-2856	URL:http://secunia.com/advisories/20009	View
103802	14062	CVE-2005-2856	SECUNIA:19890	View
103803	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19890	View
103804	14062	CVE-2005-2856	SECUNIA:19939	View
103805	14062	CVE-2005-2856	URL:http://secunia.com/advisories/19939	View
103806	14062	CVE-2005-2856	SECUNIA:20270	View
103807	14062	CVE-2005-2856	URL:http://secunia.com/advisories/20270	View
103808	14062	CVE-2005-2856	SREASON:49	View
103809	14062	CVE-2005-2856	URL:http://securityreason.com/securityalert/49	View
103810	14062	CVE-2005-2856	XF:eazel-ztvunacev2-bo(26479)	View
103811	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26479	View
103812	14062	CVE-2005-2856	XF:izarc-unacev2-bo(26480)	View
103813	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26480	View
103814	14062	CVE-2005-2856	XF:filzip-unacev2-bo(26447)	View
103815	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26447	View
103816	14062	CVE-2005-2856	XF:bitzipper-unacev2-bo(27763)	View
103817	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/27763	View
103818	14062	CVE-2005-2856	XF:extractnow-unacev2-ace-bo(26168)	View
103819	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26168	View
103820	14062	CVE-2005-2856	XF:ultimatezip-unacev2-bo(26385)	View
103821	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26385	View
103822	14062	CVE-2005-2856	XF:whereisit-unacev2-bo(26315)	View
103823	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26315	View
103824	14062	CVE-2005-2856	XF:winhki-unacev2-bo(26142)	View
103825	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26142	View
103826	14062	CVE-2005-2856	XF:antitrojan-unacev2-bo(26302)	View
103827	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26302	View
103828	14062	CVE-2005-2856	XF:automate-unacev2-bo(26982)	View
103829	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26982	View
103830	14062	CVE-2005-2856	XF:powerarchiver-unacev2-ace-bo(26272)	View
103831	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26272	View
103832	14062	CVE-2005-2856	XF:risingantivirus-unacev2-bo(26736)	View
103833	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26736	View
103834	14062	CVE-2005-2856	XF:servant-salamander-unacev2-bo(26116)	View
103835	14062	CVE-2005-2856	URL:http://xforce.iss.net/xforce/xfdb/26116	View
103836	14062	CVE-2005-2856	XF:tziptv-unacev2-bo(28787)	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.50 MB
View render complete	3.16 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	13.05
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	541.23
Event: Controller.beforeRender	6.67
» Processing toolbar data	6.53
Rendering View	61.15
» Event: View.beforeRender	0.03
» Rendering APP/View/Cveinfos/view.ctp	59.56
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.03
» Rendering APP/View/Layouts/default.ctp	0.94
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.15
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/14062
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/14062
Remote Port	40449
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.223
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.148.26
Http Via	1.1 squid-proxy-5b5d847c96-7f7gz (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.223
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.223
Unique Id	aOFIE-TvVDV7zYrbUEmT0gAAAcg
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.223
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.223
Redirect Unique Id	aOFIE-TvVDV7zYrbUEmT0gAAAcg
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.223
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.223
Redirect Redirect Unique Id	aOFIE-TvVDV7zYrbUEmT0gAAAcg
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759594515.7742
Request Time	1759594515

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files