返回 CVE 浏览器

CVE-2005-2670

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.1730%

EPSS Percentile32.62th

Published2005年8月23日

Last Modified2026年4月16日

Vulnerability Description

Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB, (4) LZH, (5) RAR, (6) TAR and (7) ZIP files.

Affected Platforms (CPE)

📦

Hauri

Livecall

All versions

📦

Hauri

Virobot Advanced Server

All versions

📦

Hauri

Virobot Expert

= 4.0

📦

Hauri

Virobot Linux Server

= 2.0

References & Advisories

🔗 http://secunia.com/advisories/15846

🔗 http://secunia.com/secunia_research/2005-24/advisory

🔗 http://securitytracker.com/id?1014740

🔗 http://www.globalhauri.com/html/download/down_unixpatch.html

🔗 http://www.securityfocus.com/bid/14606

🔗 http://secunia.com/advisories/15846

🔗 http://secunia.com/secunia_research/2005-24/advisory

🔗 http://securitytracker.com/id?1014740

相关漏洞威胁

CVE-2005-27207.5

Stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) in HAURI Anti-Virus products including ViRobot ...

CVE-2005-47864.0

Buffer overflow in the archive decompression library (vrAZMain.dll 5.8.22.137), as used in HAURI anti-virus products including (1)...

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...