JVN/CVE Demo: Nvdinfos

NVD

Id: 68531
Name: CVE-2005-2856
Description: Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
Reject
CVSS Version: 2
CVSS Score: 7.5
Severity: High
CVSS Base Score: 7.5
CVSS Impact Subscore: 6.4
CVSS Exploit Subscore: 10
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Pub Date: 2017-07-18
Published: 2005-09-08
Modified Date: 2017-07-10
Seq: 2005-2856

Actions

Related NVD References

Id	NVD Id	NVD No.	Reference	Actions
354134	68531	CVE-2005-2856	20050908 Secunia Research: ALZip ACE Archive Handling Buffer Overflow	View
354135	68531	CVE-2005-2856	49	View
354136	68531	CVE-2005-2856	1014863	View
354137	68531	CVE-2005-2856	1015852	View
354138	68531	CVE-2005-2856	1016011	View
354139	68531	CVE-2005-2856	1016012	View
354140	68531	CVE-2005-2856	1016065	View
354141	68531	CVE-2005-2856	1016066	View
354142	68531	CVE-2005-2856	1016088	View
354143	68531	CVE-2005-2856	1016114	View
354144	68531	CVE-2005-2856	1016115	View
354145	68531	CVE-2005-2856	1016177	View
354146	68531	CVE-2005-2856	1016257	View
354147	68531	CVE-2005-2856	1016512	View
354148	68531	CVE-2005-2856	20060428 Secunia Research: Servant Salamander unacev2.dll Buffer OverflowVulnerability	View
354149	68531	CVE-2005-2856	20060501 Secunia Research: WinHKI unacev2.dll Buffer Overflow Vulnerability	View
354150	68531	CVE-2005-2856	20060508 Secunia Research: Anti-Trojan unacev2.dll Buffer OverflowVulnerability	View
354151	68531	CVE-2005-2856	20060509 Secunia Research: Where Is It unacev2.dll Buffer OverflowVulnerability	View
354152	68531	CVE-2005-2856	20060511 Secunia Research: UltimateZip unacev2.dll Buffer OverflowVulnerability	View
354153	68531	CVE-2005-2856	20060515 Secunia Research: FilZip unacev2.dll Buffer Overflow Vulnerability	View
354154	68531	CVE-2005-2856	20060517 Secunia Research: IZArc unacev2.dll Buffer Overflow Vulnerability	View
354155	68531	CVE-2005-2856	20060517 Secunia Research: Eazel unacev2.dll Buffer Overflow Vulnerability	View
354156	68531	CVE-2005-2856	20060609 Secunia Research: AutoMate unacev2.dll Buffer OverflowVulnerability	View
354157	68531	CVE-2005-2856	20060717 Secunia Research: BitZipper unacev2.dll Buffer OverflowVulnerability	View
354158	68531	CVE-2005-2856	14759	View
354159	68531	CVE-2005-2856	19884	View
354160	68531	CVE-2005-2856	ADV-2006-1565	View
354161	68531	CVE-2005-2856	ADV-2006-1577	View
354162	68531	CVE-2005-2856	ADV-2006-1611	View
354163	68531	CVE-2005-2856	ADV-2006-1681	View
354164	68531	CVE-2005-2856	ADV-2006-1694	View
354165	68531	CVE-2005-2856	ADV-2006-1725	View
354166	68531	CVE-2005-2856	ADV-2006-1775	View
354167	68531	CVE-2005-2856	ADV-2006-1797	View
354168	68531	CVE-2005-2856	ADV-2006-1835	View
354169	68531	CVE-2005-2856	ADV-2006-1836	View
354170	68531	CVE-2005-2856	ADV-2006-2047	View
354171	68531	CVE-2005-2856	ADV-2006-2184	View
354172	68531	CVE-2005-2856	ADV-2006-2824	View
354173	68531	CVE-2005-2856	ADV-2006-3495	View
354174	68531	CVE-2005-2856	servant-salamander-unacev2-bo(26116)	View
354175	68531	CVE-2005-2856	winhki-unacev2-bo(26142)	View
354176	68531	CVE-2005-2856	extractnow-unacev2-ace-bo(26168)	View
354177	68531	CVE-2005-2856	powerarchiver-unacev2-ace-bo(26272)	View
354178	68531	CVE-2005-2856	antitrojan-unacev2-bo(26302)	View
354179	68531	CVE-2005-2856	whereisit-unacev2-bo(26315)	View
354180	68531	CVE-2005-2856	ultimatezip-unacev2-bo(26385)	View
354181	68531	CVE-2005-2856	filzip-unacev2-bo(26447)	View
354182	68531	CVE-2005-2856	eazel-ztvunacev2-bo(26479)	View
354183	68531	CVE-2005-2856	izarc-unacev2-bo(26480)	View
354184	68531	CVE-2005-2856	risingantivirus-unacev2-bo(26736)	View
354185	68531	CVE-2005-2856	automate-unacev2-bo(26982)	View
354186	68531	CVE-2005-2856	bitzipper-unacev2-bo(27763)	View
354187	68531	CVE-2005-2856	tziptv-unacev2-bo(28787)	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.49 MB
Controller render start	2.37 MB
View render complete	41.35 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.69
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	313.89
Event: Controller.beforeRender	4.81
» Processing toolbar data	4.72
Rendering View	1756.39
» Event: View.beforeRender	0.02
» Rendering APP/View/Nvdinfos/view.ctp	1699.17
» Event: View.afterRender	0.04
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	41.18
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	12.55
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/nvdinfos/view/68531
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/nvdinfos/view/68531
Remote Port	17238
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.144.137.236
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.144.137.236
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.144.137.236
Unique Id	aCpGWK89PvxDnhZocWQCRAAAAM8
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.144.137.236
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.144.137.236
Redirect Unique Id	aCpGWK89PvxDnhZocWQCRAAAAM8
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.144.137.236
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.144.137.236
Redirect Redirect Unique Id	aCpGWK89PvxDnhZocWQCRAAAAM8
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747600984.9707
Request Time	1747600984

NVD

Actions

Related NVD References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files