Vulnerability Name: CVE-2005-1693 (CCN-20686) Assigned: 2005-05-23 Published: 2005-05-23 Updated: 2021-04-09 Summary: Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: CONFIRM Type: Patchhttp://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter=1588 Source: MITRE Type: CNACVE-2005-1693 Source: BUGTRAQ Type: UNKNOWN20050523 Computer Associates Vet Antivirus Library Remote Heap Overflow Source: CCN Type: BugTraq Mailing List, 2005-05-27 19:02:34RE: CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability Source: CCN Type: SA15470CA Multiple Products Vet Antivirus Engine Buffer Overflow Source: SECUNIA Type: UNKNOWN15470 Source: CCN Type: SA15479Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow Source: SECUNIA Type: UNKNOWN15479 Source: CCN Type: SECTRACK ID: 1014050Computer Associates eTrust Antivirus Integer Overflow in Processing Microsoft OLE Data Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN1014050 Source: CCN Type: Vet Antivirus Web pageVet Anti-Virus Online Source: CCN Type: OSVDB ID: 16780CA Multiple Products Vet Engine OLE Stream Remote Overflow Source: CCN Type: OSVDB ID: 16800ZoneAlarm Vet Anti-Virus Engine Remote Overflow Source: CCN Type: Remote.com Web siteComputer Associates Vet Antivirus Remote Heap Overflow Security Advisory Source: MISC Type: UNKNOWNhttp://www.rem0te.com/public/images/vet.pdf Source: BID Type: Vendor Advisory13710 Source: CCN Type: BID-13710Computer Associates Vet Library Remote Heap Overflow Vulnerability Source: MISC Type: Patch, Vendor Advisoryhttp://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896 Source: XF Type: UNKNOWNca-vet-antivirus-bo(20686) Vulnerable Configuration: Configuration 1 :cpe:/a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:* OR cpe:/a:ca:etrust_antivirus:7.1:*:gateway:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.4.4:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor_le:2.0:*:*:*:*:*:*:* OR cpe:/a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus:6.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:1.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:* OR cpe:/a:zonelabs:zonealarm:*:*:*:*:*:*:*:* OR cpe:/a:zonelabs:zonealarm_antivirus:*:*:*:*:*:*:*:* OR cpe:/a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus_ee:6.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus_ee:7.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor_le:3.0.0.14:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:* OR cpe:/a:broadcom:inoculateit:6.0:*:*:*:*:*:*:* OR cpe:/a:ca:vet_antivirus:10.66:*:*:*:*:*:*:* OR cpe:/a:ca:etrust_antivirus:7.0:*:gateway:*:*:*:*:* OR cpe:/a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:* OR cpe:/a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:broadcom:inoculateit:6.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus:6.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:* OR cpe:/a:checkpoint:zonealarm_security_suite:-:*:*:*:*:*:*:* OR cpe:/a:zonelabs:zonealarm_antivirus:*:*:*:*:*:*:*:* OR cpe:/a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:1.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_ez_armor:2.4.4:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:* OR cpe:/a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:* OR cpe:/a:ca:vet_antivirus:10.66:*:*:*:*:*:*:* Denotes that component is vulnerable BACK
broadcom etrust antivirus 7.1
ca etrust antivirus 7.1
broadcom etrust ez armor 2.4.4
broadcom etrust ez armor le 2.0
ca etrust secure content manager 1.0 sp1
broadcom etrust secure content manager 1.1
broadcom etrust antivirus 6.0
broadcom etrust antivirus 7.0
broadcom etrust ez armor 1.0
broadcom etrust ez armor 2.0
broadcom etrust intrusion detection 1.4.5
broadcom etrust intrusion detection 1.5
broadcom etrust intrusion detection 3.0
zonelabs zonealarm *
zonelabs zonealarm antivirus *
ca brightstor arcserve backup 11.1
broadcom etrust antivirus ee 6.0
broadcom etrust antivirus ee 7.0
broadcom etrust ez armor le 3.0.0.14
broadcom etrust intrusion detection 1.4.1.13
broadcom inoculateit 6.0
ca vet antivirus 10.66
ca etrust antivirus 7.0
ca etrust antivirus 7.0_sp2
broadcom etrust ez armor 2.3
broadcom etrust ez armor 2.4
ca etrust intrusion detection 3.0 sp1
broadcom etrust secure content manager 1.0
ca inoculateit 6.0
ca etrust antivirus 6.0
ca etrust antivirus 7.0
ca etrust antivirus 7.1
ca etrust ez armor 2.0
ca etrust ez armor 2.3
ca etrust ez armor 2.4
ca etrust intrusion detection 3.0
ca etrust antivirus gateway 7.0
ca etrust antivirus gateway 7.1
checkpoint zonealarm security suite -
zonelabs zonealarm antivirus *
ca etrust intrusion detection 3.0 sp1
ca etrust ez armor 1.0
ca etrust ez armor 2.4.4
ca etrust intrusion detection 1.4.1.13
ca etrust intrusion detection 1.4.5
ca etrust intrusion detection 1.5
ca etrust secure content manager 1.0
ca etrust secure content manager 1.1
ca vet antivirus 10.66