Detections
Analytics

CVE-2005-2856

high

Description

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/28787

https://exchange.xforce.ibmcloud.com/vulnerabilities/27763

https://exchange.xforce.ibmcloud.com/vulnerabilities/26982

https://exchange.xforce.ibmcloud.com/vulnerabilities/26736

https://exchange.xforce.ibmcloud.com/vulnerabilities/26480

https://exchange.xforce.ibmcloud.com/vulnerabilities/26479

https://exchange.xforce.ibmcloud.com/vulnerabilities/26447

https://exchange.xforce.ibmcloud.com/vulnerabilities/26385

https://exchange.xforce.ibmcloud.com/vulnerabilities/26315

https://exchange.xforce.ibmcloud.com/vulnerabilities/26302

https://exchange.xforce.ibmcloud.com/vulnerabilities/26272

https://exchange.xforce.ibmcloud.com/vulnerabilities/26168

https://exchange.xforce.ibmcloud.com/vulnerabilities/26142

https://exchange.xforce.ibmcloud.com/vulnerabilities/26116

http://www.vupen.com/english/advisories/2006/3495

http://www.vupen.com/english/advisories/2006/2824

http://www.vupen.com/english/advisories/2006/2184

http://www.vupen.com/english/advisories/2006/2047

http://www.vupen.com/english/advisories/2006/1836

http://www.vupen.com/english/advisories/2006/1835

http://www.vupen.com/english/advisories/2006/1797

http://www.vupen.com/english/advisories/2006/1775

http://www.vupen.com/english/advisories/2006/1725

http://www.vupen.com/english/advisories/2006/1694

http://www.vupen.com/english/advisories/2006/1681

http://www.vupen.com/english/advisories/2006/1611

http://www.vupen.com/english/advisories/2006/1577

http://www.vupen.com/english/advisories/2006/1565

http://www.securityfocus.com/bid/19884

http://www.securityfocus.com/bid/14759

http://www.securityfocus.com/archive/1/440303/100/0/threaded

http://www.securityfocus.com/archive/1/436639/100/0/threaded

http://www.securityfocus.com/archive/1/434279/100/0/threaded

http://www.securityfocus.com/archive/1/434234/100/0/threaded

http://www.securityfocus.com/archive/1/434011/100/0/threaded

http://www.securityfocus.com/archive/1/433693/100/0/threaded

http://www.securityfocus.com/archive/1/433352/100/0/threaded

http://www.securityfocus.com/archive/1/433258/100/0/threaded

http://www.securityfocus.com/archive/1/432579/100/0/threaded

http://www.securityfocus.com/archive/1/432357/100/0/threaded

http://www.osvdb.org/25129

http://securitytracker.com/id?1016512

http://securitytracker.com/id?1016257

http://securitytracker.com/id?1016177

http://securitytracker.com/id?1016115

http://securitytracker.com/id?1016114

http://securitytracker.com/id?1016088

http://securitytracker.com/id?1016066

http://securitytracker.com/id?1016065

http://securitytracker.com/id?1016012

http://securitytracker.com/id?1016011

http://securitytracker.com/id?1015852

http://securitytracker.com/id?1014863

http://securityreason.com/securityalert/49

http://secunia.com/secunia_research/2006-50/advisory/

http://secunia.com/secunia_research/2006-46/advisory/

http://secunia.com/secunia_research/2006-38/advisory

http://secunia.com/secunia_research/2006-36/advisory

http://secunia.com/secunia_research/2006-33/advisory/

http://secunia.com/secunia_research/2006-32/advisory/

http://secunia.com/secunia_research/2006-30/advisory

http://secunia.com/secunia_research/2006-29/advisory/

http://secunia.com/secunia_research/2006-28/advisory

http://secunia.com/secunia_research/2006-27/

http://secunia.com/secunia_research/2006-25/advisory

http://secunia.com/secunia_research/2006-24/advisory

http://secunia.com/secunia_research/2005-41/advisory/

http://secunia.com/advisories/20270

http://secunia.com/advisories/20009

http://secunia.com/advisories/19977

http://secunia.com/advisories/19975

http://secunia.com/advisories/19967

http://secunia.com/advisories/19939

http://secunia.com/advisories/19938

http://secunia.com/advisories/19931

http://secunia.com/advisories/19890

http://secunia.com/advisories/19834

http://secunia.com/advisories/19612

http://secunia.com/advisories/19596

http://secunia.com/advisories/19581

http://secunia.com/advisories/19458

http://secunia.com/advisories/19454

http://secunia.com/advisories/16479

http://marc.info/?l=bugtraq&m=112621008228458&w=2

Details

Source: Mitre, NVD

Published: 2005-09-08

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.21562