OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

unace -- multiple buffer overflows

Affected packages
unace < 1.2bp0

Details

VuXML ID f46673fc-84e8-11d9-abde-080020fe8945
Discovery 2005-02-22
Entry 2005-02-22

Ulf Harnhammar wrote:

(1) There are buffer overflows when extracting, testing or listing specially prepared ACE archives.

(2) There are directory traversal bugs when extracting ACE archives.

(3) There are buffer overflows when dealing with long (>17000 characters) command line arguments.

References

CVE Name CAN-2005-0160
CVE Name CAN-2005-0161

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.