Description
Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary files via an ACE archive containing (1) ../ sequences or (2) absolute pathnames.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Ulf Harnhammar · textremotelinux
https://www.exploit-db.com/exploits/25150
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14359
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12628
Vendor Advisory mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031908.html
Vendor Advisory vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2005_16_sr.html
Scores
EPSS
0.0046
EPSS Percentile
64.0%
Details
Status
published
Products (1)
e-merge/unace
1.2b
Published
Feb 22, 2005
Tracked Since
Feb 18, 2026