CVE-2005-0533
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/05/2005
Last modified:
03/04/2025
Description
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:* | ||
| cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/14396
- http://securitytracker.com/id?1013289=
- http://securitytracker.com/id?1013290=
- http://www.securityfocus.com/bid/12643
- http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability%20in%20VSAPI%20ARJ%20parsing%20could%20allow%20Remote%20Code%20execution
- http://xforce.iss.net/xforce/alerts/id/189
- http://secunia.com/advisories/14396
- http://securitytracker.com/id?1013289=
- http://securitytracker.com/id?1013290=
- http://www.securityfocus.com/bid/12643
- http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability%20in%20VSAPI%20ARJ%20parsing%20could%20allow%20Remote%20Code%20execution
- http://xforce.iss.net/xforce/alerts/id/189