Heap-based Buffer Overflow in Trend Micro AntiVirus Library
CVE-2005-0533

Currently unrated

Key Information:

Vendor: Trend Micro
Status: Interscan Emanager; Scanmail; Serverprotect; Interscan Viruswall
Vendor: CVE Published:; 2 May 2005

Summary

The Trend Micro AntiVirus Library VSAPI prior to version 7.510 is vulnerable to a heap-based buffer overflow due to improper handling of crafted ARJ files. Attackers can exploit this vulnerability by sending specially designed ARJ files with excessively long header names, allowing them to manipulate pointers and execute arbitrary code on the affected systems.

References

http://www.trendmicro.com/vinfo/secadvisories/default6.as...

x_refsource_CONFIRM

http://securitytracker.com/id?1013290

vdb-entryx_refsource_SECTRACK

http://securitytracker.com/id?1013289

vdb-entryx_refsource_SECTRACK

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 24, 2005