RSS   Vulnerabilities for 'Unalz'   RSS

2006-03-13
 
CVE-2006-0950

CWE-22
 

 
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename.

 
2005-11-29
 
CVE-2005-3862

 

 
Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.

 


Copyright 2024, cxsecurity.com

 

Back to Top