Stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall, when compressed file scanning is enabled, allows remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Livecall | Hauri | * | * |
| Virobot_advanced_server | Hauri | * | * |
| Virobot_expert | Hauri | 4.0 (including) | 4.0 (including) |
| Virobot_linux_server | Hauri | 2.0 (including) | 2.0 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=112490854126619\u0026w=2
- http://secunia.com/advisories/16488/
- http://secunia.com/secunia_research/2005-33/advisory/
- http://www.securityfocus.com/bid/14647
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22005
- http://marc.info/?l=bugtraq\u0026m=112490854126619\u0026w=2
- http://secunia.com/advisories/16488/
- http://secunia.com/secunia_research/2005-33/advisory/
- http://www.securityfocus.com/bid/14647
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22005