Vulnerability CVE-2015-2063: Information
Description
Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow.
Severity: MEDIUM (4.3)
Vector: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| unace | sisyphus | 1.2b-alt4 | 1.2b-alt5 | ALT-PU-2020-3159-1 | 260619 | Fixed |
| unace | p11 | 1.2b-alt4 | 1.2b-alt5 | ALT-PU-2020-3159-1 | 260619 | Fixed |
| unace | p10 | 1.2b-alt4 | 1.2b-alt5 | ALT-PU-2020-3159-1 | 260619 | Fixed |
| unace | p9 | 1.2b-alt5 | 1.2b-alt5 | ALT-PU-2020-3196-1 | 260620 | Fixed |
| unace | c10f2 | 1.2b-alt4 | 1.2b-alt5 | ALT-PU-2020-3159-1 | 260619 | Fixed |
| unace | c9f2 | 1.2b-alt5 | 1.2b-alt5 | ALT-PU-2024-11156-3 | 355130 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| http://www.debian.org/security/2015/dsa-3178 |
|
| http://www.openwall.com/lists/oss-security/2015/02/24/1 |
|
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775003 |
|