CVE-2007-5155

Name of the Vulnerable Software and Affected Versions ICEOWS version 4.20b

Description The issue arises from the IceGUI.DLL in ICEOWS, where a function is invoked with incorrect arguments. This allows remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, triggering a stack-based buffer overflow.

Recommendations For ICEOWS version 4.20b, as a temporary workaround, consider restricting the use of long filenames in ACE archives to minimize the risk of exploitation. However, at the moment, there is no information about a newer version that contains a fix for this issue.