Back to search
CVE-2005-2384
Published: Jul 27, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
15776
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/secunia_research/2005-20/advisory/
x_refsource_MISC
http://www.avast.com/eng/av4_revision_history.html
x_refsource_MISC
1014544
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now