CVE-2005-1693

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter=1588	Patch
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896	Patch Vendor Advisory
http://www.securityfocus.com/bid/13710	Vendor Advisory
http://www.rem0te.com/public/images/vet.pdf
http://securitytracker.com/id?1014050
http://secunia.com/advisories/15470
http://secunia.com/advisories/15479
http://marc.info/?l=bugtraq&m=111686576416450&w=2

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:broadcom:etrust_antivirus:7.1:::::::*
	cpe:2.3:a:ca:etrust_antivirus:7.1::gateway:::::
	cpe:2.3:a:broadcom:etrust_ez_armor:2.4.4:::::::*
	cpe:2.3:a:broadcom:etrust_ez_armor_le:2.0:::::::*
	cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1::::::
	cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:::::::*
	cpe:2.3:a:broadcom:etrust_antivirus:6.0:::::::*
	cpe:2.3:a:broadcom:etrust_antivirus:7.0:::::::*
	cpe:2.3:a:broadcom:etrust_ez_armor:1.0:::::::*
	cpe:2.3:a:broadcom:etrust_ez_armor:2.0:::::::*
	cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:::::::*
	cpe:2.3:a:zonelabs:zonealarm::::::::
	cpe:2.3:a:ca:vet_antivirus:10.66:::::::*
	cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:::::::*
	cpe:2.3:a:zonelabs:zonealarm_antivirus::::::::
	cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1::::::
	cpe:2.3:a:ca:etrust_antivirus:7.0::gateway:::::
	cpe:2.3:a:ca:brightstor_arcserve_backup:11.1::windows:::::
	cpe:2.3:a:broadcom:etrust_antivirus_ee:6.0:::::::*
	cpe:2.3:a:broadcom:etrust_antivirus_ee:7.0:::::::*
	cpe:2.3:a:broadcom:etrust_ez_armor:2.3:::::::*
	cpe:2.3:a:broadcom:etrust_ez_armor:2.4:::::::*
	cpe:2.3:a:broadcom:etrust_ez_armor_le:3.0.0.14:::::::*
	cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:::::::*
	cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:::::::*
	cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:::::::*
	cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:::::::*
	cpe:2.3:a:broadcom:inoculateit:6.0:::::::*

Information

Published : 2005-05-23 21:00

Updated : 2021-04-09 10:00

NVD link : CVE-2005-1693

Mitre link : CVE-2005-1693

JSON object : View

CWE

NVD-CWE-Other

Products Affected

vet_antivirus
etrust_secure_content_manager
etrust_intrusion_detection
etrust_antivirus
brightstor_arcserve_backup

broadcom

etrust_antivirus
inoculateit
etrust_antivirus_ee
etrust_ez_armor
etrust_secure_content_manager
etrust_intrusion_detection
etrust_ez_armor_le

zonelabs

zonealarm_antivirus
zonealarm

10.0 /10