A buffer overflow in the unace compression library may allow a remote attacker to execute arbitrary code.
The unace compression library is used to decompress ace archives (*.ace file extension). A lack of input validation on filenames in an ace archive may allow a buffer overflow to occur. If an attacker supplies the unace library with a specially crafted compressed ace archive, that attacker may be able to trigger the buffer overflow and, consequently, execute arbitrary code with the privileges of the application linked to unace.
If a remote attacker can convince a user to access a specially crafted ace archive, that attacker may be able to execute arbitrary code. In addition, this vulnerability may prevent security software, such as anti-virus software, from detecting a malicious ace archive.
Apply patches from your vendor
The unace compression library is freely available and used by many vendors in a wide variety of applications. As a result, any one of these applications may contain this vulnerability. Users are encouraged to contact their vendors to determine if they are vulnerable and what action to take.
Do not accept ace archives from untrusted sources
This vulnerability was reported by Ulf Harnhammar.
|Date First Published:||2005-09-22|
|Date Last Updated:||2005-10-28 18:05 UTC|