CVE-2015-2063
published 2015-03-09CVE-2015-2063: Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
2.89%
85.1th percentile
Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | unace | < unace 1.2b-12 (bookworm) | unace 1.2b-12 (bookworm) |
| e-merge | unace | >= 0 < 1.2b-12 | 1.2b-12 |
| e-merge | unace | >= 0 < 1.2b-12 | 1.2b-12 |
| e-merge | unace | >= 0 < 1.2b-12 | 1.2b-12 |
| e-merge | unace | >= 0 < 1.2b-12 | 1.2b-12 |
| winace | unace | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2015-2063: unace - Integer overflow in unace 1.2b allows remote attackers to cause a denial of serv...
vendor_debian·2015·CVSS 4.3
CVE-2015-2063 [MEDIUM] CVE-2015-2063: unace - Integer overflow in unace 1.2b allows remote attackers to cause a denial of serv...
Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow.
Scope: local
bookworm: resolved (fixed in 1.2b-12)
bullseye: resolved (fixed in 1.2b-12)
forky: resolved (fixed in 1.2b-12)
sid: resolved (fixed in 1.2b-12)
trixie: resolved (fixed in 1.2b-12)
GHSA
GHSA-q4cq-r65m-xhwh: Integer overflow in unace 1
ghsa_unreviewed·2022-05-17
CVE-2015-2063 [MEDIUM] GHSA-q4cq-r65m-xhwh: Integer overflow in unace 1
Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow.
OSV
CVE-2015-2063: Integer overflow in unace 1
osv·2015-03-09·CVSS 4.3
CVE-2015-2063 [MEDIUM] CVE-2015-2063: Integer overflow in unace 1
Integer overflow in unace 1.2b allows remote attackers to cause a denial of service (crash) via a small file header in an ace archive, which triggers a buffer overflow.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.debian.org/security/2015/dsa-3178http://www.openwall.com/lists/oss-security/2015/02/24/1https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775003http://www.debian.org/security/2015/dsa-3178http://www.openwall.com/lists/oss-security/2015/02/24/1https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775003
2015-03-09
Published