Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P
Vendors Products
Trend Micro
  • Interscan Webmanager
  • Pc-cillin
  • Scanmail Emanager
  • Interscan Messaging Security Suite
  • Interscan Web Security Suite
  • Interscan Emanager
  • Client-server Suite Smb
  • Client-server-messaging Suite Smb
  • Interscan Viruswall
  • Scanmail
  • Portalprotect
  • Serverprotect
  • Interscan Webprotect
  • Control Manager
  • Officescan

Configuration 1 [-]

OR cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*
cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*
cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*
cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*
cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*
cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*
cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.4:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.5:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:unix:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.51:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.52:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:3.52_build1466:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*
cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*
cpe:2.3:a:trend_micro:serverprotect:1.3:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:serverprotect:2.5:*:linux:*:*:*:*:*
cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*
References
Link Resource
http://secunia.com/advisories/14396 Patch Vendor Advisory
http://securitytracker.com/id?1013289 Patch Vendor Advisory
http://securitytracker.com/id?1013290 Patch Vendor Advisory
http://www.securityfocus.com/bid/12643 Patch
http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution Patch
http://xforce.iss.net/xforce/alerts/id/189 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2005-02-24T05:00:00

Updated: 2005-02-28T10:00:00

Reserved: 2005-02-24T00:00:00

Link: CVE-2005-0533

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2005-05-02T04:00:00.000

Modified: 2008-09-05T20:46:34.663

Link: CVE-2005-0533

JSON object: View

cve-icon Redhat Information

No data.

CWE