WinAce Archiver versions 2.6 and below are susceptible to a directory traversal attack when fed a malicious RAR or TAR file.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/44185/WinAce.txt
Source: https://packetstormsecurity.com/files/44185/WinAce.txt.html