CVE Vulnerabilities

CVE-2005-2384

Published: Jul 27, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames.

Affected Software

Name Vendor Start Version End Version
Avast_antivirus Alwil 4.6.665 4.6.665
Avast_antivirus Alwil 4.6.460 4.6.460
Avast_antivirus Alwil 4.6.665 4.6.665

References