Vulnerabilities > CVE-2005-0533 - Unspecified vulnerability in Trend Micro products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

trend-micro

nessus

NVD

Published: 2005-05-02

Updated: 2024-11-20

Summary

Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.

Vulnerable Configurations

Part	Description	Count
Application	Trend_Micro Trend Micro Interscan Emanager 3.5.2 Trend Micro Interscan Emanager 3.6 Trend Micro Interscan Emanager 3.5 Trend Micro Interscan Emanager 3.51 Trend Micro Interscan Emanager 3.51_J Trend Micro Scanmail 3.81 Trend Micro Scanmail Gold Trend Micro Scanmail 2.51 Trend Micro Scanmail 6.1 Trend Micro Scanmail 3.8 Trend Micro Scanmail 2.6 Trend Micro Serverprotect 2.5 Trend Micro Serverprotect 1.25_2007-02-16 Trend Micro Serverprotect 1.3 Trend Micro Serverprotect 5.3.1 Trend Micro Interscan Viruswall 3.0.1 Trend Micro Interscan Viruswall 3.5 Trend Micro Interscan Viruswall 3.52 Trend Micro Interscan Viruswall Gold Trend Micro Interscan Viruswall 3.4 Trend Micro Interscan Viruswall 3.52_Build1466 Trend Micro Interscan Viruswall 5.1 Trend Micro Interscan Viruswall 3.51 Trend Micro Interscan Viruswall 3.6 Trend Micro Interscan Viruswall 3.6.5 Trend Micro Officescan Corporate_6.5 Trend Micro Officescan Corporate_3.11 Trend Micro Officescan Corporate_3.0 Trend Micro Officescan Corporate_5.02 Trend Micro Officescan Corporate_3.13 Trend Micro Officescan Corporate_5.5 Trend Micro Officescan Corporate_5.58 Trend Micro Officescan Corporate_3.5 Trend Micro Officescan Corporate_3.54 Trend Micro Officescan 3.0 Trend Micro Officescan Corporate_3.1.1 Trend Micro Interscan WEB Security Suite Gold Trend Micro Control Manager Gold Trend Micro Control Manager Netware Trend Micro Interscan Messaging Security Suite 5.5 Trend Micro Interscan Messaging Security Suite Gold Trend Micro Interscan Messaging Security Suite 3.81 Trend Micro Interscan Webmanager 1.2 Trend Micro Interscan Webmanager 2.0 Trend Micro Interscan Webmanager 2.1 Trend Micro Client Server Suite SMB Gold Trend Micro Client Server Messaging Suite SMB Gold Trend Micro PC Cillin 2000 Trend Micro PC Cillin 2002 Trend Micro PC Cillin 2003 Trend Micro PC Cillin 6.0 Trend Micro Interscan Webprotect Gold Trend Micro Portalprotect 1.0 Trend Micro Scanmail Emanager *	78

Nessus

NASL family	Windows
NASL id	TRENDMICRO_ARJ_OVERFLOW.NASL
description	The remote host is running a version of the Trend Micro engine that has a heap overflow vulnerability in the ARJ handling functions. An attacker may exploit this flaw to bypass virus protection altogether and execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to submit a malformed ARJ archive to a process on the remote host and wait for the antivirus engine to scan it.
last seen	2020-06-01
modified	2020-06-02
plugin id	17213
published	2005-02-24
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/17213
title	Trend Micro VSAPI ARJ Handling Heap Overflow

Summary

Vulnerable Configurations

Nessus

References