Vulnerability CVE-2005-2720


Published: 2005-08-30   Modified: 2012-02-12

Description:
Stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall, when compressed file scanning is enabled, allows remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Hauri -> Livecall 
Hauri -> Virobot advanced server 
Hauri -> Virobot expert 
Hauri -> Virobot linux server 

 References:
http://xforce.iss.net/xforce/xfdb/22005
http://www.securityfocus.com/bid/14647
http://secunia.com/secunia_research/2005-33/advisory/
http://secunia.com/advisories/16488/
http://marc.theaimsgroup.com/?l=bugtraq&m=112490854126619&w=2

Copyright 2024, cxsecurity.com

 

Back to Top