Vulnerability Name: | CVE-2005-2957 (CCN-24089) | ||||||||
Assigned: | 2005-09-14 | ||||||||
Published: | 2005-09-14 | ||||||||
Updated: | 2016-10-18 | ||||||||
Summary: | Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive. | ||||||||
CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2005-2957 Source: BUGTRAQ Type: UNKNOWN 20050914 Secunia Research: AVIRA Antivirus ACE Archive Handling Buffer Overflow Source: CCN Type: BugTraq Mailing List, 2005-09-14 11:03:31 AVIRA Antivirus ACE Archive Handling Buffer Source: CCN Type: SA16691 AVIRA Antivirus ACE Archive Handling Buffer Overflow Source: SECUNIA Type: Patch, Vendor Advisory 16691 Source: MISC Type: Patch, Vendor Advisory http://secunia.com/secunia_research/2005-43/advisory/ Source: CONFIRM Type: Patch, Vendor Advisory http://www.avira.com/en/news/avira_desktop_for_windows_patched_against_vulnerability.html Source: CCN Type: Avira Desktop of Windows Web site AVIRA Antivirus Solution Description: AVIRA Desktop for Windows - Details Source: CCN Type: OSVDB ID: 19384 Avira AntiVir ACE Archive Long Filename Overflow Source: BID Type: Patch 14824 Source: CCN Type: BID-14824 AVIRA Desktop for Windows ACE Archive Handling Remote Buffer Overflow Vulnerability Source: XF Type: UNKNOWN avira-ace-filename-bo(24089) | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |