|
|
Log in / Subscribe / Register

unace: code execution

Package(s):unace CVE #(s):CVE-2015-2063
Created:March 3, 2015 Updated:March 4, 2015
Description: From the Debian advisory:

Jakub Wilk discovered that unace, an utility to extract, test and view .ace archives, contained an integer overflow leading to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ace archive, an attacker could cause a denial of service (application crash) or, possibly, execute arbitrary code.

Alerts:
Debian-LTS DLA-164-1 unace 2015-03-03
Debian DSA-3178-1 unace 2015-03-02
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds