Vulnerability Description
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trend Micro | Client-Server-Messaging Suite Smb | gold |
| Trend Micro | Client-Server Suite Smb | gold |
| Trend Micro | Control Manager | gold |
| Trend Micro | Interscan Emanager | 3.5 |
| Trend Micro | Interscan Messaging Security Suite | 3.81 |
| Trend Micro | Interscan Viruswall | 3.0.1 |
| Trend Micro | Interscan Web Security Suite | gold |
| Trend Micro | Interscan Webmanager | 1.2 |
| Trend Micro | Interscan Webprotect | gold |
| Trend Micro | Officescan | 3.0 |
| Trend Micro | Pc-Cillin | 6.0 |
| Trend Micro | Portalprotect | 1.0 |
| Trend Micro | Scanmail | 2.6 |
| Trend Micro | Scanmail Emanager | All versions |
| Trend Micro | Serverprotect | 1.3 |
References
- http://secunia.com/advisories/14396PatchVendor Advisory
- http://securitytracker.com/id?1013289PatchVendor Advisory
- http://securitytracker.com/id?1013290PatchVendor Advisory
- http://www.securityfocus.com/bid/12643Patch
- http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+iPatch
- http://xforce.iss.net/xforce/alerts/id/189Vendor Advisory
- http://secunia.com/advisories/14396PatchVendor Advisory
- http://securitytracker.com/id?1013289PatchVendor Advisory
- http://securitytracker.com/id?1013290PatchVendor Advisory
- http://www.securityfocus.com/bid/12643Patch
- http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+iPatch
- http://xforce.iss.net/xforce/alerts/id/189Vendor Advisory
FAQ
What is CVE-2005-0533?
CVE-2005-0533 is a vulnerability with a CVSS score of 7.5 (HIGH). Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with ...
How severe is CVE-2005-0533?
CVE-2005-0533 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0533?
Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Client-Server-Messaging Suite Smb, Trend Micro Client-Server Suite Smb, Trend Micro Control Manager, Trend Micro Interscan Emanager, Trend Micro Interscan Messaging Security Suite.