ISS X-Force Database: filzip-unacev2-bo(26447): Filzip unacev2.dll ACE archive buffer overflow

Filzip unacev2.dll ACE archive buffer overflow

filzip-unacev2-bo (26447)

High Risk

Description:

Filzip is vulnerable to a stack-based buffer overflow caused by improper bounds checking of file names by the UNACEV2.DLL file. By creating a malicious ACE archive containing an overly long file name, a remote attacker could overflow a buffer and execute arbitrary code on the system, once the malicious ACE file is extracted.

Platforms Affected:

Philipp Engel, Filzip 3.04

Remedy:

Upgrade to the latest versions of Filzip, available from the Filzip Web site. See References.

Consequences:

Gain Access

References:

Filzip Web page, Filzip home. Try a great, free ZIP program. at http://www.filzip.com/en/index.html.
BID-14759: Multiple Vendor UNACEV2 Archive File Name Buffer Overflow Vulnerability
BID-19884: Microchip Data Systems ZipTV TZipTV ARJ File Handling Buffer Overflow Vulnerability
CVE-2005-2856: Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 and 2.5 Beta 1, (3) WinHKI 1.66 and 1.67, (4) ExtractNow 3.x, (5) Total Commander 6.53, (6) Anti-Trojan 5.5.421, (7) PowerArchiver before 9.61, (8) UltimateZip 2.7,1, 3.0.3, and 3.1b, (9) Where Is It (WhereIsIt) 3.73.501, (10) FilZip 3.04, (11) IZArc 3.5 beta3, (12) Eazel 1.0, (13) Rising Antivirus 18.27.21 and earlier, (14) AutoMate 6.1.0.0, (15) BitZipper 4.1 SR-1, (16) ZipTV, and other products, allows user-assisted attackers to execute arbitrary code via a long filename in an ACE archive.
SA16479: ALZip ACE Archive Handling Buffer Overflow
SA19454: Total Commander unacev2.dll Buffer Overflow Vulnerability
SA19458: WinHKI unacev2.dll Buffer Overflow Vulnerability
SA19581: ExtractNow unacev2.dll Buffer Overflow Vulnerability
SA19596: UltimateZip unacev2.dll Buffer Overflow Vulnerability
SA19612: Servant Salamander unacev2.dll Buffer Overflow Vulnerability
SA19834: FilZip unacev2.dll Buffer Overflow Vulnerability
SA19890: AutoMate unacev2.dll Buffer Overflow Vulnerability
SA19931: Where Is It unacev2.dll Buffer Overflow Vulnerability
SA19938: Eazel unacev2.dll Buffer Overflow Vulnerability
SA19939: BitZipper unacev2.dll Buffer Overflow Vulnerability
SA19967: IZArc unacev2.dll Buffer Overflow Vulnerability
SA19975: Anti-Trojan unacev2.dll Buffer Overflow Vulnerability
SA19977: PowerArchiver unacev2.dll Buffer Overflow Vulnerability
SA20009: Rising Antivirus unacev2.dll Buffer Overflow Vulnerability
SA20270: ZipTV ARJ Archive Handling and unacev2.dll Buffer Overflows
SECTRACK ID: 1014863: ALZip Buffer Overflow UNACEV2.DLL Lets Remote Users Cause Arbitrary Code to Be Executed
SECTRACK ID: 1015852: Total Commander Buffer Overflow UNACEV2.DLL Lets Remote Users Cause Arbitrary Code to Be Executed
SECTRACK ID: 1016011: Servant Salamander Buffer Overflow in `unacev2.dll` Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016012: WinHKI Buffer Overflow in `ztvunacev2.dll` Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016065: Anti-Trojan Buffer Overflow in `unacev2.dll` in Processing ACE Archives Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016066: UltimateZIP Buffer Overflow in Extracting ACE Archives Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016088: FilZip Buffer Overflow in `unacev2.dll` in Processing ACE Archives Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016114: Eazel Buffer Overflow in `ztvunacev2.dll` in Processing ACE Archives Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016115: IZArc Buffer Overflow in `unacev2.dll` in Processing ACE Archives Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016177: Rising Antivirus Stack Overflow in Scanning ACE Archives Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016257: AutoMate Buffer Overflow in `unacev2.dll` Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1016512: BitZipper Buffer Overflow in Processing ACE Archives Lets Remote Users Execute Arbitrary Code
VUPEN/ADV-2006-1565: Servant Salamander unacev2.dll ACE File Handling Buffer Overflow Vulnerability
VUPEN/ADV-2006-1577: WinHKI unacev2.dll Library ACE File Handling Buffer Overflow Vulnerability
VUPEN/ADV-2006-1611: ExtractNow unacev2.dll Library ACE File Handling Buffer Overflow Vulnerability
VUPEN/ADV-2006-1681: PowerArchiver unacev2.dll Library ACE Archive Buffer Overflow Vulnerability
VUPEN/ADV-2006-1694: Anti-Trojan unacev2.dll Library ACE Archive Buffer Overflow Vulnerability
VUPEN/ADV-2006-1725: Where Is It unacev2.dll ACE Archive Handling Buffer Overflow Vulnerability
VUPEN/ADV-2006-1775: UltimateZip unacev2.dll ACE Archive Handling Buffer Overflow Vulnerability
VUPEN/ADV-2006-1797: FilZip unacev2.dll Archive Handling Client-Side Buffer Overflow Vulnerability
VUPEN/ADV-2006-1835: IZArc unacev2.dll Archive Handling Client-Side Buffer Overflow Vulnerability
VUPEN/ADV-2006-1836: Eazel unacev2.dll Archive Handling Client-Side Buffer Overflow Vulnerability
VUPEN/ADV-2006-2047: Rising Antivirus unacev2.dll Library ACE Archive Buffer Overflow Vulnerability
VUPEN/ADV-2006-2184: AutoMate unacev2.dll Archive Handling Client-Side Buffer Overflow Vulnerability
VUPEN/ADV-2006-2824: BitZipper unacev2.dll Archive Handling Client-Side Buffer Overflow Vulnerability
VUPEN/ADV-2006-3495: ZipTV ARJ and ACE Archives Multiple Client-Side Buffer Overflow Vulnerabilities

Reported:

May 15, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page