Vulnerabilites related to trend_micro - interscan_messaging_security_suite
CVE-2006-0642 (GCVE-0-2006-0642)
Vulnerability from cvelistv5
Published
2006-02-10 11:00
Modified
2024-08-07 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:29.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"name": "20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"name": "20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"name": "16483",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16483"
},
{
"name": "20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"name": "serverprotect-file-scanning-bypass(24658)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of \"Do not scan compressed files when Extracted file count exceeds 500 files,\" which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"name": "20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"name": "20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"name": "16483",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16483"
},
{
"name": "20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"name": "serverprotect-file-scanning-bypass(24658)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of \"Do not scan compressed files when Extracted file count exceeds 500 files,\" which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"name": "20060206 Fwd: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"name": "20060203 Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"name": "16483",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16483"
},
{
"name": "20060205 RE: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"name": "serverprotect-file-scanning-bypass(24658)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"name": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"name": "20060203 Re: Trend Micro ServerProtect version 5.58 can be easily circumvented via the mechanism that limits how many files to scan.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0642",
"datePublished": "2006-02-10T11:00:00",
"dateReserved": "2006-02-10T00:00:00",
"dateUpdated": "2024-08-07T16:41:29.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0851 (GCVE-0-2007-0851)
Vulnerability from cvelistv5
Published
2007-02-08 18:00
Modified
2024-08-07 12:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:34:21.122Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24128"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017601",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017603"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24128"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017601",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017601"
},
{
"name": "22449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22449"
},
{
"name": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"name": "1017603",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017603"
},
{
"name": "http://www.jpcert.or.jp/at/2007/at070004.txt",
"refsource": "MISC",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"name": "24087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24087"
},
{
"name": "33038",
"refsource": "OSVDB",
"url": "http://osvdb.org/33038"
},
{
"name": "ADV-2007-0522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"name": "JVN#77366274",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"name": "VU#276432",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"name": "20070208 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"name": "antivirus-upx-bo(32352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"name": "ADV-2007-0569",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"name": "1017602",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017602"
},
{
"name": "24128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24128"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0851",
"datePublished": "2007-02-08T18:00:00",
"dateReserved": "2007-02-08T00:00:00",
"dateUpdated": "2024-08-07T12:34:21.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0533 (GCVE-0-2005-0533)
Vulnerability from cvelistv5
Published
2005-02-24 05:00
Modified
2024-08-07 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-02-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0533",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"name": "1013290",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013290"
},
{
"name": "1013289",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013289"
},
{
"name": "20050224 Trend Micro AntiVirus Library Heap Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"name": "14396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14396"
},
{
"name": "12643",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0533",
"datePublished": "2005-02-24T05:00:00",
"dateReserved": "2005-02-24T00:00:00",
"dateUpdated": "2024-08-07T21:13:54.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-02-08 18:28
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 | Patch, Vendor Advisory | |
| cve@mitre.org | http://jvn.jp/jp/JVN%2377366274/index.html | ||
| cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470 | Patch, Vendor Advisory | |
| cve@mitre.org | http://osvdb.org/33038 | ||
| cve@mitre.org | http://secunia.com/advisories/24087 | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/24128 | ||
| cve@mitre.org | http://securitytracker.com/id?1017601 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1017602 | ||
| cve@mitre.org | http://securitytracker.com/id?1017603 | ||
| cve@mitre.org | http://www.jpcert.or.jp/at/2007/at070004.txt | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/276432 | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/22449 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0522 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/0569 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/32352 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/jp/JVN%2377366274/index.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/33038 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24087 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24128 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017601 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017602 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1017603 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.jpcert.or.jp/at/2007/at070004.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/276432 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/22449 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0522 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0569 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/32352 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | client-server-messaging_suite_smb | gold | |
| trend_micro | client-server_suite_smb | gold | |
| trend_micro | control_manager | 2.5.0 | |
| trend_micro | control_manager | 3.5 | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | netware | |
| trend_micro | interscan_emanager | 3.5 | |
| trend_micro | interscan_emanager | 3.5.2 | |
| trend_micro | interscan_emanager | 3.6 | |
| trend_micro | interscan_emanager | 3.6 | |
| trend_micro | interscan_emanager | 3.51 | |
| trend_micro | interscan_emanager | 3.51_j | |
| trend_micro | interscan_messaging_security_suite | * | |
| trend_micro | interscan_messaging_security_suite | 3.81 | |
| trend_micro | interscan_messaging_security_suite | 5.5 | |
| trend_micro | interscan_messaging_security_suite | 5.5_build_1183 | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_viruswall | 3.0.1 | |
| trend_micro | interscan_viruswall | 3.0.1 | |
| trend_micro | interscan_viruswall | 3.1.0 | |
| trend_micro | interscan_viruswall | 3.2.3 | |
| trend_micro | interscan_viruswall | 3.3 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6.0_build_1182 | |
| trend_micro | interscan_viruswall | 3.6.0_build1166 | |
| trend_micro | interscan_viruswall | 3.6.5 | |
| trend_micro | interscan_viruswall | 3.7.0 | |
| trend_micro | interscan_viruswall | 3.7.0_build1190 | |
| trend_micro | interscan_viruswall | 3.8.0_build1130 | |
| trend_micro | interscan_viruswall | 3.32 | |
| trend_micro | interscan_viruswall | 3.81 | |
| trend_micro | interscan_viruswall | 5.1 | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.4 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.5 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.6 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.51 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.52 | |
| trend_micro | interscan_viruswall_for_windows_nt | 3.52_build1466 | |
| trend_micro | interscan_viruswall_for_windows_nt | 5.1.0 | |
| trend_micro | interscan_viruswall_scan_engine | 7.510.0-1002 | |
| trend_micro | interscan_web_security_suite | * | |
| trend_micro | interscan_web_security_suite | * | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_webmanager | 1.2 | |
| trend_micro | interscan_webmanager | 2.0 | |
| trend_micro | interscan_webmanager | 2.1 | |
| trend_micro | interscan_webprotect | gold | |
| trend_micro | officescan | 3.0 | |
| trend_micro | officescan | 4.5.0 | |
| trend_micro | officescan | 7.3 | |
| trend_micro | officescan | corporate_3.0 | |
| trend_micro | officescan | corporate_3.1.1 | |
| trend_micro | officescan | corporate_3.5 | |
| trend_micro | officescan | corporate_3.5 | |
| trend_micro | officescan | corporate_3.11 | |
| trend_micro | officescan | corporate_3.11 | |
| trend_micro | officescan | corporate_3.13 | |
| trend_micro | officescan | corporate_3.13 | |
| trend_micro | officescan | corporate_3.54 | |
| trend_micro | officescan | corporate_5.02 | |
| trend_micro | officescan | corporate_5.5 | |
| trend_micro | officescan | corporate_5.58 | |
| trend_micro | officescan | corporate_6.5 | |
| trend_micro | officescan | corporate_7.0 | |
| trend_micro | officescan | corporate_7.3 | |
| trend_micro | pc-cillin | 6.0 | |
| trend_micro | pc-cillin | 2000 | |
| trend_micro | pc-cillin | 2002 | |
| trend_micro | pc-cillin | 2003 | |
| trend_micro | pc-cillin | 2005 | |
| trend_micro | pc-cillin | 2006 | |
| trend_micro | pc-cillin_internet_security | 14_14.00.1485 | |
| trend_micro | pc-cillin_internet_security | 2005_12.0.0_0_build_1244 | |
| trend_micro | pc-cillin_internet_security | 2006_14.10.0.1023 | |
| trend_micro | pc-cillin_internet_security | 2007 | |
| trend_micro | pc_cillin_-_internet_security_2006 | * | |
| trend_micro | portalprotect | 1.0 | |
| trend_micro | portalprotect | 1.2 | |
| trend_micro | scanmail | 1.0.0 | |
| trend_micro | scanmail | 2.6 | |
| trend_micro | scanmail | 2.51 | |
| trend_micro | scanmail | 3.8 | |
| trend_micro | scanmail | 3.81 | |
| trend_micro | scanmail | 6.1 | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail_emanager | * | |
| trend_micro | scanning_engine | 7.1.0 | |
| trend_micro | serverprotect | 5.3.1 | |
| trend_micro | serverprotect | 5.5.8 | |
| trend_micro | serverprotect | 5.58 | |
| trend_micro | serverprotect | 5.58 | |
| trend_micro | serverprotect | linux | |
| trend_micro | serverprotect | linux_1.2.0 | |
| trend_micro | serverprotect | novell_netware | |
| trend_micro | serverprotect | windows | |
| trend_micro | viruswall | 3.0.1 | |
| trend_micro | web_security_suite | 1.2.0 | |
| trend_micro | webprotect | 3.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "8C9AAAD5-E973-41CB-B7FD-85D1EA04F6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "664CD81D-30AD-450B-A9FF-7C0FC61C938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "068639F9-89E0-4B19-9E24-550087080419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4801FB64-FFC4-4167-9855-69EB8A424EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*",
"matchCriteriaId": "CEEC709C-CE2F-435D-8595-3B7462F5D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*",
"matchCriteriaId": "416653F7-D8D5-4947-A097-8E1298DD0FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "0416D605-20FC-4C87-8009-C240530A1B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FFD939A-C783-4A02-9859-B823A57F8A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "723E2C95-124F-422F-A241-AECA1D5E0D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2A63C770-365B-4EAF-AF4B-1B379F943DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*",
"matchCriteriaId": "9D2CAA96-4C71-482B-A033-E4AD0814C638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "0DEAD496-BB59-464D-9BBA-29158CF65C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "8767F042-4333-404A-B7D7-6830B6959890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*",
"matchCriteriaId": "C02396DD-CFBF-4019-8AC7-9C41821AF8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF73278-A5E9-4975-9C0B-DD9413A33FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F86817-D352-452E-B80F-1402C8A76372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:linux_5.1.1:*:*:*:*:*",
"matchCriteriaId": "0D03DBA4-3F2D-433A-8D17-01B4D7E16EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "4086086F-4F57-4E73-B473-FFF33CD23F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1E2358-2868-4D95-A783-0D7A591A691C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5_build_1183:*:*:*:*:*:*:*",
"matchCriteriaId": "E4587F87-E033-4636-9B61-18D1A7AA54D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E8ADD8C-2E58-4671-BECF-B02A5DE04A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4CD5D110-5FA3-4F6C-A727-06A73676EC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "CD824873-B625-4755-ADC9-C6657CD63208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "E4B9603D-79FE-4E7C-A9F9-E9A24FBBDF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "475CED59-77F7-4E6B-8DB6-EFFC7F8D5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.1.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "29DA2B3D-D055-4328-8AD3-B5B407B17328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D948171A-3B54-462A-8B2E-2C0266A37E94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9D4E2E-889B-4233-8887-9CF00A5023A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F35126E8-F926-4C0B-B37F-AFE78DD2526F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*",
"matchCriteriaId": "106EB780-7455-41F7-ADB0-67C541F6C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A9EB55C4-00FB-4D2F-993D-27269F09CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D9AE5039-8467-48C2-8417-E7B18A48F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build_1182:*:*:*:*:*:*:*",
"matchCriteriaId": "DA820000-7608-4E3B-A05D-0C3CFC35227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.0_build1166:*:*:*:*:*:*:*",
"matchCriteriaId": "20349641-1EAD-4401-996F-15C131574F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "82425C25-4464-4C69-A7C9-6B7369661E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA147F1-224C-4230-9831-5EB153748793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.7.0_build1190:*:*:*:*:*:*:*",
"matchCriteriaId": "E2417050-7F5A-4702-A6F5-DFEFE96CCD78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.8.0_build1130:*:*:*:*:*:*:*",
"matchCriteriaId": "5B9F63FB-7B5F-49AF-BC84-B3250A08720A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.32:*:*:*:*:*:*:*",
"matchCriteriaId": "2F72A6DE-BA1B-4907-B19D-D71B172BB249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.81:*:linux:*:*:*:*:*",
"matchCriteriaId": "37ECAEF4-8A0D-4B90-8E4A-62BA72DAA702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "25D7EFC1-4053-46E9-9081-3BBAB0300C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*",
"matchCriteriaId": "8B678239-DD77-488C-82FE-27D6FC47B94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*",
"matchCriteriaId": "071EDC78-C902-4D79-8CDF-F5DD30BF7027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*",
"matchCriteriaId": "55C6BD67-FE95-43A7-91F7-608DEC79C24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "29EDFC0F-687B-4B56-8910-67C6E3907483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*",
"matchCriteriaId": "5A694256-BD24-4EED-9833-B15DCA874F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2F81C82F-4997-4D4E-981B-F1601A8AD281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3120FB-140A-458B-8926-7FE3593331FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B9239FE6-7FE3-4013-8E73-DE648F24EFEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "12023885-3D72-4CE4-B60F-F91EEE0C9153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52:*:*:*:*:*:*:*",
"matchCriteriaId": "0B132F48-3C0D-4DC9-9255-BB2D1CEBF855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:3.52_build1466:*:*:*:*:*:*:*",
"matchCriteriaId": "772DC29B-9C2C-4446-9352-6707E6B6F08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_for_windows_nt:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3079D9E-853D-46D3-92E8-E125CC800DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall_scan_engine:7.510.0-1002:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ADC38A-3C58-42B3-9396-0D7B14EA0B59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DC6D16A-3D1C-4AA6-B039-BFF5BEE64693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:linux_1.0.0_ja:*:*:*:*:*",
"matchCriteriaId": "110A575E-761B-4DD7-B4BE-B9AD22C85213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DCB7541-8145-47CA-9F4E-4A600CA454EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DB8B2F17-7C2B-4782-9492-D967A2AD8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "D1E65854-8869-41F7-BAFE-B7545FC98BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33920-9BC7-41BC-BB66-723D0BAF2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A73B43D9-A721-4D48-A2D6-48A77355965F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F3645D-2B7D-44ED-83DE-ABF9016CD0D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*",
"matchCriteriaId": "921B617D-F37E-4D10-A627-09F9678790B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4013BF7E-DE8F-4941-BF15-D17C8C88DB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:4.5.0:*:microsof_sbs:*:*:*:*:*",
"matchCriteriaId": "11302ED5-C1AB-40D0-B019-A85C43E362D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "38BD1ADE-408F-45D0-BD0B-FBC83ED976F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "093EED07-F4C1-47B2-9D08-3DE0D57D5CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "CBA9F2BA-1274-465C-B723-ABB54CA17FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60F5D9-35D0-4D0E-85D1-EE71E533622F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "6F37307A-7847-4D5A-99D8-8A4BE424CD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF74A292-2B1B-43FC-AA82-CFB04D7644E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "925DA405-9719-452C-8369-D4A60CC916C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46575AE8-8718-44D8-AF5C-14F7981B3238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "F893D171-7AB3-4422-BA86-021B0211EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FBAAA-D6B8-4A05-B8E1-D7549207EA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE3BB4-54BA-48DE-9CFC-C2241D99DA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F25D89-826B-4FA0-AA8F-CD729F00F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE87037-D7CC-480B-BBD2-F1802294D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB43A95-60F8-425A-8434-C07EC799DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "567D7B70-7FE7-4C4F-8D09-C72E28F04FF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "78CDE85D-4C4B-42D0-BF64-11E880168A83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAA86F-8DE4-4BC8-B295-89CF981C28D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "9994E64C-0E8C-4A9C-A321-6A73A16E33AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "A65282E0-2332-4CAA-9BA9-3794C2CDE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "E56D571B-649D-41E2-A502-6C1EBAB73F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "E455A061-A34B-4AB7-88C7-222DB08BED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB1055E-31AA-44DE-A74C-8678A0C268C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:14_14.00.1485:*:*:*:*:*:*:*",
"matchCriteriaId": "408D7C07-D6CF-4722-AB74-70DE7C114FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2005_12.0.0_0_build_1244:*:*:*:*:*:*:*",
"matchCriteriaId": "26DA917A-B842-40E7-B3A1-8546ADBB401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2006_14.10.0.1023:*:*:*:*:*:*:*",
"matchCriteriaId": "83C3D9AE-690A-4ACE-B6A2-E83F1B7C5507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "F945B425-D79F-4B5F-A588-5DCDCFB87B06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc_cillin_-_internet_security_2006:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D237983-725B-43B5-B733-D25397A846C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C991F564-93D1-4E63-8B71-B0C9CD9BECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.2:*:sharepoint:*:*:*:*:*",
"matchCriteriaId": "1F34805C-1602-45F7-8C03-D585D2F44594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71DAD29C-23D7-45C0-8B1B-AD9CD260EAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "195D657C-4A4B-4832-B1A6-056FB990401E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*",
"matchCriteriaId": "929BCF43-AC3A-43D0-8819-7673996D216D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3BFF861D-F544-4902-A958-BE566FB85738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3B282BE2-8116-48A7-B6D6-544983FF72C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C81AFD13-0883-48F5-BD6B-707CFFE07262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*",
"matchCriteriaId": "B4963C96-FA13-4E54-8EE3-8E169CACBF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*",
"matchCriteriaId": "C3E0300A-27F7-47C1-B725-55FF0BE92FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*",
"matchCriteriaId": "FF365F03-F95C-4047-BBA4-42EBD02E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*",
"matchCriteriaId": "A2042D38-CF77-4149-9289-B3380F59D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*",
"matchCriteriaId": "D275C0DB-E942-4EB9-B6AA-3112C1A697DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE79B6-B9E8-4775-B7BF-90C2758EECE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanning_engine:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB5BDA1-06D4-49B9-99CD-F8B67A5EB895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38695C1D-DC51-45EB-9EEB-6E04490AFE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7ACC41-E475-4770-B446-4B41EE008A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BE7E0AA8-220E-4E20-9FF0-95C22664AFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:windows:*:*:*:*:*",
"matchCriteriaId": "5E2F6774-B29F-47E6-8E50-8CF4D9AB3EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux:*:*:*:*:*:*:*",
"matchCriteriaId": "7EB7A187-75F5-41B5-A6A9-2C28AC5F0F98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:linux_1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42A4608B-A7E7-4217-8F88-C12E9DEC9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:novell_netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1B8E24-4A28-4110-8DF4-72A5D19FAEAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:windows:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0BE038-C7F1-45FE-BE54-3D4245B3F060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:viruswall:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1ABCB699-614A-45A5-B906-7650BB32EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:web_security_suite:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96D764CC-3574-4D95-8EA2-2C02F36EF133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:webprotect:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "21F178A5-CEAF-407F-BDE1-2328A4B959A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed executable."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en Trend Micro Scan Engine versiones 8.000 y 8.300 anteriores al archivo de patrones de virus versi\u00f3n 4.245.00, tal y como es usado en otros productos como Cyber Clean Center (CCC) Cleaner, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un ejecutable comprimido UPX malformado."
}
],
"evaluatorImpact": "Failed exploit attempts will likely cause a denial-of-service condition.",
"id": "CVE-2007-0851",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-08T18:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33038"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "cve@mitre.org",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2377366274/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.jpcert.or.jp/at/2007/at070004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/276432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/22449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32352"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-10 11:02
Modified
2025-04-03 01:03
Severity ?
Summary
Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf | Vendor Advisory | |
| cve@mitre.org | http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/423896/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/423913/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/423914/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/424172/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/424598/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/16483 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/24658 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/423896/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/423913/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/423914/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/424172/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/424598/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/16483 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/24658 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | interscan_messaging_security_suite | * | |
| trend_micro | interscan_web_security_suite | * | |
| trend_micro | serverprotect | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42ECD45D-EB0D-4B7B-A2F6-529EA9BD3746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "459E1A3E-1EF9-4544-B2F9-28654A2D565E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.58:*:emc:*:*:*:*:*",
"matchCriteriaId": "1364240C-2070-4CEA-BAE9-E94EAFFBBF1D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of \"Do not scan compressed files when Extracted file count exceeds 500 files,\" which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE."
}
],
"id": "CVE-2006-0642",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-02-10T11:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16483"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423896/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423913/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423914/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/424172/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/424598/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24658"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/14396 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1013289 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1013290 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/12643 | Patch | |
| cve@mitre.org | http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution | Patch | |
| cve@mitre.org | http://xforce.iss.net/xforce/alerts/id/189 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14396 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1013289 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1013290 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12643 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://xforce.iss.net/xforce/alerts/id/189 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| trend_micro | client-server-messaging_suite_smb | gold | |
| trend_micro | client-server_suite_smb | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | gold | |
| trend_micro | control_manager | netware | |
| trend_micro | interscan_emanager | 3.5 | |
| trend_micro | interscan_emanager | 3.5.2 | |
| trend_micro | interscan_emanager | 3.6 | |
| trend_micro | interscan_emanager | 3.6 | |
| trend_micro | interscan_emanager | 3.51 | |
| trend_micro | interscan_emanager | 3.51_j | |
| trend_micro | interscan_messaging_security_suite | 3.81 | |
| trend_micro | interscan_messaging_security_suite | 5.5 | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_messaging_security_suite | gold | |
| trend_micro | interscan_viruswall | 3.0.1 | |
| trend_micro | interscan_viruswall | 3.0.1 | |
| trend_micro | interscan_viruswall | 3.4 | |
| trend_micro | interscan_viruswall | 3.5 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6 | |
| trend_micro | interscan_viruswall | 3.6.5 | |
| trend_micro | interscan_viruswall | 3.51 | |
| trend_micro | interscan_viruswall | 3.52 | |
| trend_micro | interscan_viruswall | 3.52_build1466 | |
| trend_micro | interscan_viruswall | 5.1 | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_viruswall | gold | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_web_security_suite | gold | |
| trend_micro | interscan_webmanager | 1.2 | |
| trend_micro | interscan_webmanager | 2.0 | |
| trend_micro | interscan_webmanager | 2.1 | |
| trend_micro | interscan_webprotect | gold | |
| trend_micro | officescan | 3.0 | |
| trend_micro | officescan | corporate_3.0 | |
| trend_micro | officescan | corporate_3.1.1 | |
| trend_micro | officescan | corporate_3.5 | |
| trend_micro | officescan | corporate_3.5 | |
| trend_micro | officescan | corporate_3.11 | |
| trend_micro | officescan | corporate_3.11 | |
| trend_micro | officescan | corporate_3.13 | |
| trend_micro | officescan | corporate_3.13 | |
| trend_micro | officescan | corporate_3.54 | |
| trend_micro | officescan | corporate_5.02 | |
| trend_micro | officescan | corporate_5.5 | |
| trend_micro | officescan | corporate_5.58 | |
| trend_micro | officescan | corporate_6.5 | |
| trend_micro | pc-cillin | 6.0 | |
| trend_micro | pc-cillin | 2000 | |
| trend_micro | pc-cillin | 2002 | |
| trend_micro | pc-cillin | 2003 | |
| trend_micro | portalprotect | 1.0 | |
| trend_micro | scanmail | 2.6 | |
| trend_micro | scanmail | 2.51 | |
| trend_micro | scanmail | 3.8 | |
| trend_micro | scanmail | 3.81 | |
| trend_micro | scanmail | 6.1 | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail | gold | |
| trend_micro | scanmail_emanager | * | |
| trend_micro | serverprotect | 1.3 | |
| trend_micro | serverprotect | 1.25_2007-02-16 | |
| trend_micro | serverprotect | 2.5 | |
| trend_micro | serverprotect | 5.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trend_micro:client-server-messaging_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "8C9AAAD5-E973-41CB-B7FD-85D1EA04F6D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:client-server_suite_smb:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "664CD81D-30AD-450B-A9FF-7C0FC61C938A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:as_400:*:*:*:*:*",
"matchCriteriaId": "CEEC709C-CE2F-435D-8595-3B7462F5D58A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:s_390:*:*:*:*:*",
"matchCriteriaId": "416653F7-D8D5-4947-A097-8E1298DD0FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "0416D605-20FC-4C87-8009-C240530A1B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "4FFD939A-C783-4A02-9859-B823A57F8A5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:gold:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "723E2C95-124F-422F-A241-AECA1D5E0D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:control_manager:netware:*:*:*:*:*:*:*",
"matchCriteriaId": "2A63C770-365B-4EAF-AF4B-1B379F943DF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5:*:hp:*:*:*:*:*",
"matchCriteriaId": "9D2CAA96-4C71-482B-A033-E4AD0814C638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.5.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "0DEAD496-BB59-464D-9BBA-29158CF65C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "8767F042-4333-404A-B7D7-6830B6959890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.6:*:sun:*:*:*:*:*",
"matchCriteriaId": "C02396DD-CFBF-4019-8AC7-9C41821AF8E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF73278-A5E9-4975-9C0B-DD9413A33FA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_emanager:3.51_j:*:*:*:*:*:*:*",
"matchCriteriaId": "A7F86817-D352-452E-B80F-1402C8A76372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "4086086F-4F57-4E73-B473-FFF33CD23F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0F1E2358-2868-4D95-A783-0D7A591A691C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "7E8ADD8C-2E58-4671-BECF-B02A5DE04A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "4CD5D110-5FA3-4F6C-A727-06A73676EC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_messaging_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "CD824873-B625-4755-ADC9-C6657CD63208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "E4B9603D-79FE-4E7C-A9F9-E9A24FBBDF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.0.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "475CED59-77F7-4E6B-8DB6-EFFC7F8D5929",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.4:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "75734296-9435-4A96-B30C-572BF1BBAD14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.5:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "61C0968D-D8F1-450C-B4E9-94535B4CF637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:hp_ux:*:*:*:*:*",
"matchCriteriaId": "106EB780-7455-41F7-ADB0-67C541F6C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A9EB55C4-00FB-4D2F-993D-27269F09CF08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:unix:*:*:*:*:*",
"matchCriteriaId": "1D8580C2-B757-4C4C-A9B6-960905101E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "D9AE5039-8467-48C2-8417-E7B18A48F0D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.6.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "82425C25-4464-4C69-A7C9-6B7369661E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.51:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "15B05F1A-7AA1-46E5-947B-C422F9618F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.52:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "EB4F32FC-8391-4B3B-AA42-07E392053A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:3.52_build1466:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "1BF5CF24-83B8-4AC3-A849-C56979CB38DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:5.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "25D7EFC1-4053-46E9-9081-3BBAB0300C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:aix:*:*:*:*:*",
"matchCriteriaId": "8B678239-DD77-488C-82FE-27D6FC47B94A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:linux_for_smb:*:*:*:*:*",
"matchCriteriaId": "071EDC78-C902-4D79-8CDF-F5DD30BF7027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:smb:*:*:*:*:*",
"matchCriteriaId": "55C6BD67-FE95-43A7-91F7-608DEC79C24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "29EDFC0F-687B-4B56-8910-67C6E3907483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_viruswall:gold:*:windows_nt_for_smb:*:*:*:*:*",
"matchCriteriaId": "5A694256-BD24-4EED-9833-B15DCA874F15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:linux:*:*:*:*:*",
"matchCriteriaId": "1DCB7541-8145-47CA-9F4E-4A600CA454EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DB8B2F17-7C2B-4782-9492-D967A2AD8B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_web_security_suite:gold:*:windows:*:*:*:*:*",
"matchCriteriaId": "D1E65854-8869-41F7-BAFE-B7545FC98BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C33920-9BC7-41BC-BB66-723D0BAF2839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A73B43D9-A721-4D48-A2D6-48A77355965F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webmanager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1F3645D-2B7D-44ED-83DE-ABF9016CD0D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:interscan_webprotect:gold:*:isa:*:*:*:*:*",
"matchCriteriaId": "921B617D-F37E-4D10-A627-09F9678790B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4013BF7E-DE8F-4941-BF15-D17C8C88DB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.0:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "093EED07-F4C1-47B2-9D08-3DE0D57D5CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.1.1:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "CBA9F2BA-1274-465C-B723-ABB54CA17FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60F5D9-35D0-4D0E-85D1-EE71E533622F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.5:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "6F37307A-7847-4D5A-99D8-8A4BE424CD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BF74A292-2B1B-43FC-AA82-CFB04D7644E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.11:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "925DA405-9719-452C-8369-D4A60CC916C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46575AE8-8718-44D8-AF5C-14F7981B3238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.13:*:windows_nt_server:*:*:*:*:*",
"matchCriteriaId": "F893D171-7AB3-4422-BA86-021B0211EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_3.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FBAAA-D6B8-4A05-B8E1-D7549207EA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CE3BB4-54BA-48DE-9CFC-C2241D99DA67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F25D89-826B-4FA0-AA8F-CD729F00F9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE87037-D7CC-480B-BBD2-F1802294D4F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:officescan:corporate_6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB43A95-60F8-425A-8434-C07EC799DC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBAA86F-8DE4-4BC8-B295-89CF981C28D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "9994E64C-0E8C-4A9C-A321-6A73A16E33AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "A65282E0-2332-4CAA-9BA9-3794C2CDE960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:pc-cillin:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "E56D571B-649D-41E2-A502-6C1EBAB73F62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:portalprotect:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C991F564-93D1-4E63-8B71-B0C9CD9BECA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "195D657C-4A4B-4832-B1A6-056FB990401E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:2.51:*:domino:*:*:*:*:*",
"matchCriteriaId": "929BCF43-AC3A-43D0-8819-7673996D216D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3BFF861D-F544-4902-A958-BE566FB85738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:3.81:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "3B282BE2-8116-48A7-B6D6-544983FF72C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:6.1:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C81AFD13-0883-48F5-BD6B-707CFFE07262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_aix:*:*:*:*:*",
"matchCriteriaId": "B4963C96-FA13-4E54-8EE3-8E169CACBF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_as_400:*:*:*:*:*",
"matchCriteriaId": "C3E0300A-27F7-47C1-B725-55FF0BE92FF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_s_390:*:*:*:*:*",
"matchCriteriaId": "FF365F03-F95C-4047-BBA4-42EBD02E823B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_solaris:*:*:*:*:*",
"matchCriteriaId": "A2042D38-CF77-4149-9289-B3380F59D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail:gold:*:lotus_domino_on_windows:*:*:*:*:*",
"matchCriteriaId": "D275C0DB-E942-4EB9-B6AA-3112C1A697DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:scanmail_emanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CE79B6-B9E8-4775-B7BF-90C2758EECE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.3:*:linux:*:*:*:*:*",
"matchCriteriaId": "FB28FE16-F163-4287-9A4E-843C2E67792E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:1.25_2007-02-16:*:linux:*:*:*:*:*",
"matchCriteriaId": "6E8704FA-AA3C-4664-A5AA-50F60AE77642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:2.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "BEDB64E2-6157-47C1-842E-26A40A885ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trend_micro:serverprotect:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38695C1D-DC51-45EB-9EEB-6E04490AFE6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure."
}
],
"id": "CVE-2005-0533",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14396"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12643"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerability+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/189"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}