Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
References
Link | Resource |
---|---|
http://xforce.iss.net/xforce/alerts/id/189 | Vendor Advisory |
http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution | Patch |
http://securitytracker.com/id?1013289 | Patch Vendor Advisory |
http://securitytracker.com/id?1013290 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/12643 | Patch |
http://secunia.com/advisories/14396 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2005-05-01 21:00
Updated : 2008-09-05 13:46
NVD link : CVE-2005-0533
Mitre link : CVE-2005-0533
JSON object : View
CWE
Products Affected
trend_micro
- interscan_webmanager
- pc-cillin
- scanmail
- scanmail_emanager
- interscan_messaging_security_suite
- client-server-messaging_suite_smb
- interscan_webprotect
- portalprotect
- interscan_viruswall
- interscan_emanager
- interscan_web_security_suite
- client-server_suite_smb
- control_manager
- serverprotect
- officescan