3/30/2006

Total Commander Security Flaw

Filed under: — By Aviran Mordo @ 9:48 am

A vulnerability has been reported in Total Commander, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a boundary error in UNACEV2.DLL when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a user extracts a specially crafted ACE archive.

Security website Secunia rates this vulnerability as Moderately critical and suggests to update to version 6.54 or later.



Vote Reddit Story ?

 

One Response to “Total Commander Security Flaw”

  1. Deon Fialkov Says:

    Is this the secure form of FTP ?

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress