5

CVE-2005-2384

Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames.

Data is provided by the National Vulnerability Database (NVD)
AlwilAvast Antivirus Version4.6.460 Editionserver
AlwilAvast Antivirus Version4.6.665 Editionhome
AlwilAvast Antivirus Version4.6.665 Editionpro
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.46% 0.837
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N