CVE-2005-2957
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2005-2957
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
AVIRA杀毒软件ACE文档处理溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
AVIRA是在德国非常流行的一款杀毒软件产品。 AVIRA Desktop for Windows杀毒软件中存在缓冲区溢出漏洞,成功利用这个漏洞的攻击者可以远程执行任意代码。起因是在从ACE文档中读取压缩文件的文件名时存在边界条件错误。如果ACE文档中的压缩文件包含有特别长的文件名,则在扫描该文件时就可能导致栈溢出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2005-2957
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2005-2957
请登录查看更多情报信息。
- http://secunia.com/secunia_research/2005-43/advisory/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2005-2957
Same Patch Batch · n/a · 2005-09-16 · 16 CVEs total
| CVE-2005-2657 | Common-Lisp-Controller缓存目录中任意代码注入漏洞 | |
| CVE-2005-2877 | TWiki TWikiUsers INCLUDE函数远程执行任意命令漏洞 | |
| CVE-2005-2944 | GNOME Workstation Command Center perform_file_save不安全临时文件创建漏洞 | |
| CVE-2005-2945 | Arc不安全临时文件创建漏洞 | |
| CVE-2005-2946 | openssl证书伪造漏洞 | |
| CVE-2005-2947 | KillProcess缓冲区溢出漏洞 | |
| CVE-2005-2948 | KillProcess 杀除列表绕过漏洞 | |
| CVE-2005-2949 | Mark D. Roth PAM_Per_User认证绕过漏洞 | |
| CVE-2005-2950 | Sawmill跨站点脚本(XSS)漏洞 | |
| CVE-2005-2951 | AzDGDatingLite security.inc.php目录遍历漏洞 | |
| CVE-2005-2952 | Subscribe Me Pro远程目录遍历漏洞 | |
| CVE-2005-2953 | MIVA Merchant Merchant.MVC跨站脚本漏洞 | |
| CVE-2005-2954 | ATutor Password_Reminder.PHP SQL注入漏洞 | |
| CVE-2005-2955 | Atutor任意代码执行漏洞 | |
| CVE-2005-2956 | ATutor Chat Logs远程信息泄露漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2005-2957
No comments yet