Vulnerability Name:

CVE-2005-0533 (CCN-19140)

Assigned:2005-02-10
Published:2005-02-10
Updated:2008-09-05
Summary:Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2005-0350

Source: MITRE
Type: CNA
CVE-2005-0533

Source: CCN
Type: SA14216
F-Secure Multiple Products ARJ Archive Handling Vulnerability

Source: CCN
Type: SA14396
Trend Micro Products AntiVirus Library Buffer Overflow

Source: SECUNIA
Type: Patch, Vendor Advisory
14396

Source: CCN
Type: SECTRACK ID: 1013143
F-Secure Anti-Virus Buffer Overflow in Processing ARJ Archives Lets Remote Users Execute Arbitrary Code

Source: CCN
Type: SECTRACK ID: 1013289
TrendMicro OfficeScan Buffer Overflow in ARJ Parser Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch, Vendor Advisory
1013289

Source: CCN
Type: SECTRACK ID: 1013290
TrendMicro PC-cillin Buffer Overflow in ARJ Parser Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch, Vendor Advisory
1013290

Source: CCN
Type: Trend
ARJ Software, Inc.

Source: CCN
Type: F-Secure Security Bulletin FSC-2005-1
Code execution vulnerability in ARJ-archive handling

Source: CCN
Type: OSVDB ID: 13704
F-Secure Multiple Products ARJ Archive Handling Overflow

Source: CCN
Type: OSVDB ID: 14133
Trend Micro Multiple Anti-Virus Products ARJ Archive Handling Overflow

Source: CCN
Type: OSVDB ID: 33043
Trend Micro VirusWall VSAPI Library libvsapi.so Local Overflow

Source: CCN
Type: BID-12515
F-Secure ARJ Handling Buffer Overflow Vulnerability

Source: BID
Type: Patch
12643

Source: CCN
Type: BID-12643
Trend Micro VSAPI ARJ Handling Heap Overflow Vulnerability

Source: CCN
Type: Trend Micro Web site
Vulnerability in VSAPI ARJ parsing could allow Remote Code execution

Source: CONFIRM
Type: Patch
http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution

Source: CCN
Type: Internet Security Systems Protection Advisory February 10, 2005
F-Secure AntiVirus Library Heap Overflow

Source: ISS
Type: Vendor Advisory
20050224 Trend Micro AntiVirus Library Heap Overflow

Source: XF
Type: UNKNOWN
arj-archive-long-filename-detected(19140)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*
  • OR cpe:/a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*
  • OR cpe:/a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:control_manager:netware:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.4:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.5:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.6:*:unix:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.51:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.52:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.52_build1466:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:1.3:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:1.25_2007-02-16:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:2.5:*:linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:trend_micro:officescan_corporate_edition:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_anti-virus:4.60::samba_servers:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:2.06::linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail:10.2::~~~microsoft_exchange~~:*:*:*:*:*
  • OR cpe:/a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:linux:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:serverprotect:windows:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:portalprotect:1.2::sharepoint:*:*:*:*:*
  • OR cpe:/a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webprotect:gold::isa:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:gold::solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:gold::windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_web_security_suite:::linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.0.1::linux:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.52::windows:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold::aix:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:3.6::solaris:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_viruswall:gold::smb:*:*:*:*:*
  • OR cpe:/a:trend_micro:interscan_emanager:3.5.2::windows:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    trend_micro client-server-messaging suite smb gold
    trend_micro client-server suite smb gold
    trend_micro control manager gold
    trend_micro control manager gold
    trend_micro control manager gold
    trend_micro control manager gold
    trend_micro control manager gold
    trend_micro control manager netware
    trend_micro interscan emanager 3.5
    trend_micro interscan emanager 3.5.2
    trend_micro interscan emanager 3.6
    trend_micro interscan emanager 3.6
    trend_micro interscan emanager 3.51
    trend_micro interscan emanager 3.51_j
    trend_micro interscan messaging security suite 3.81
    trend_micro interscan messaging security suite 5.5
    trend_micro interscan messaging security suite gold
    trend_micro interscan messaging security suite gold
    trend_micro interscan messaging security suite gold
    trend_micro interscan viruswall 3.0.1
    trend_micro interscan viruswall 3.0.1
    trend_micro interscan viruswall 3.4
    trend_micro interscan viruswall 3.5
    trend_micro interscan viruswall 3.6
    trend_micro interscan viruswall 3.6
    trend_micro interscan viruswall 3.6
    trend_micro interscan viruswall 3.6
    trend_micro interscan viruswall 3.6.5
    trend_micro interscan viruswall 3.51
    trend_micro interscan viruswall 3.52
    trend_micro interscan viruswall 3.52_build1466
    trend_micro interscan viruswall 5.1
    trend_micro interscan viruswall gold
    trend_micro interscan viruswall gold
    trend_micro interscan viruswall gold
    trend_micro interscan viruswall gold
    trend_micro interscan viruswall gold
    trend_micro interscan web security suite gold
    trend_micro interscan web security suite gold
    trend_micro interscan web security suite gold
    trend_micro interscan webmanager 1.2
    trend_micro interscan webmanager 2.0
    trend_micro interscan webmanager 2.1
    trend_micro interscan webprotect gold
    trend_micro officescan 3.0
    trend_micro officescan corporate_3.0
    trend_micro officescan corporate_3.1.1
    trend_micro officescan corporate_3.5
    trend_micro officescan corporate_3.5
    trend_micro officescan corporate_3.11
    trend_micro officescan corporate_3.11
    trend_micro officescan corporate_3.13
    trend_micro officescan corporate_3.13
    trend_micro officescan corporate_3.54
    trend_micro officescan corporate_5.02
    trend_micro officescan corporate_5.5
    trend_micro officescan corporate_5.58
    trend_micro officescan corporate_6.5
    trend_micro pc-cillin 6.0
    trend_micro pc-cillin 2000
    trend_micro pc-cillin 2002
    trend_micro pc-cillin 2003
    trend_micro portalprotect 1.0
    trend_micro scanmail 2.6
    trend_micro scanmail 2.51
    trend_micro scanmail 3.8
    trend_micro scanmail 3.81
    trend_micro scanmail 6.1
    trend_micro scanmail gold
    trend_micro scanmail gold
    trend_micro scanmail gold
    trend_micro scanmail gold
    trend_micro scanmail gold
    trend_micro scanmail emanager *
    trend_micro serverprotect 1.3
    trend_micro serverprotect 1.25_2007-02-16
    trend_micro serverprotect 2.5
    trend_micro serverprotect 5.3.1
    trend_micro officescan corporate edition 6.5
    f-secure f-secure anti-virus 4.60
    f-secure internet gatekeeper 2.06
    trend_micro scanmail 10.2
    trend_micro scanmail emanager *
    trend_micro serverprotect linux
    trend_micro serverprotect windows
    trend_micro portalprotect 1.2
    trend_micro pc-cillin internet security 14_14.00.1485
    trend_micro interscan webprotect gold
    trend_micro interscan webmanager 1.2
    trend_micro interscan web security suite gold
    trend_micro interscan web security suite gold
    trend_micro interscan web security suite
    trend_micro interscan viruswall 3.0.1
    trend_micro interscan viruswall 3.52
    trend_micro interscan viruswall gold
    trend_micro interscan viruswall 3.6
    trend_micro interscan viruswall gold
    trend_micro interscan emanager 3.5.2
    f-secure internet gatekeeper 6.41