cbcvebase.
CVE-2015-2063
published 2015-03-09

CVE-2015-2063: Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer…

PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
2.89%
85.1th percentile
Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianunace< unace 1.2b-12 (bookworm)unace 1.2b-12 (bookworm)
e-mergeunace>= 0 < 1.2b-121.2b-12
e-mergeunace>= 0 < 1.2b-121.2b-12
e-mergeunace>= 0 < 1.2b-121.2b-12
e-mergeunace>= 0 < 1.2b-121.2b-12
winaceunace

CVSS provenance

nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.