MidnightBSD

Advisories for unalz

CVE-2005-3862 HIGH

Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
unalz unalz 0.5
unalz unalz 0.23
unalz unalz 0.31
unalz unalz 0.52
unalz unalz 0.2
unalz unalz 0.3
unalz unalz 0.51
unalz unalz 0.4
unalz unalz 0.22
CVE-2006-0950 LOW

unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename.

CVSS 2.0

Severity: LOW

Problem Type: CWE-22,

Products Affected

Vendor Product Version
unalz unalz 0.53