CVE-2005-1929 (GCVE-0-2005-1929)
Vulnerability from cvelistv5
Published
2005-12-14 21:00
Modified
2024-08-07 22:06
Severity ?
CWE
  • n/a
Summary
Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.
References
cve@mitre.org http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html
cve@mitre.org http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html
cve@mitre.org http://secunia.com/advisories/18038 Vendor Advisory
cve@mitre.org http://securityreason.com/securityalert/256
cve@mitre.org http://securityreason.com/securityalert/257
cve@mitre.org http://securitytracker.com/id?1015358
cve@mitre.org http://www.idefense.com/application/poi/display?id=353&type=vulnerabilities Vendor Advisory
cve@mitre.org http://www.osvdb.org/21771
cve@mitre.org http://www.osvdb.org/21772
cve@mitre.org http://www.securityfocus.com/bid/15865
cve@mitre.org http://www.securityfocus.com/bid/15866
cve@mitre.org http://www.vupen.com/english/advisories/2005/2907 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/18038 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://securityreason.com/securityalert/256
af854a3a-2127-422b-91ae-364da2661108 http://securityreason.com/securityalert/257
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1015358
af854a3a-2127-422b-91ae-364da2661108 http://www.idefense.com/application/poi/display?id=353&type=vulnerabilities Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/21771
af854a3a-2127-422b-91ae-364da2661108 http://www.osvdb.org/21772
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/15865
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/15866
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2005/2907 Vendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:06:57.662Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "18038",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18038"
          },
          {
            "name": "257",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/257"
          },
          {
            "name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
          },
          {
            "name": "1015358",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015358"
          },
          {
            "name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
          },
          {
            "name": "21772",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21772"
          },
          {
            "name": "21771",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/21771"
          },
          {
            "name": "20051214 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
          },
          {
            "name": "256",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/256"
          },
          {
            "name": "15865",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15865"
          },
          {
            "name": "15866",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15866"
          },
          {
            "name": "ADV-2005-2907",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2907"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via \"wrapped\" length values in Chunked transfer requests.  NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load.  As such, this might not be a vulnerability in Trend Micro\u0027s product."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-12-20T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "18038",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18038"
        },
        {
          "name": "257",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/257"
        },
        {
          "name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
        },
        {
          "name": "1015358",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015358"
        },
        {
          "name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
        },
        {
          "name": "21772",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21772"
        },
        {
          "name": "21771",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/21771"
        },
        {
          "name": "20051214 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
        },
        {
          "name": "256",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/256"
        },
        {
          "name": "15865",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15865"
        },
        {
          "name": "15866",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15866"
        },
        {
          "name": "ADV-2005-2907",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2907"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1929",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via \"wrapped\" length values in Chunked transfer requests.  NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load.  As such, this might not be a vulnerability in Trend Micro\u0027s product."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "18038",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18038"
            },
            {
              "name": "257",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/257"
            },
            {
              "name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html"
            },
            {
              "name": "1015358",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015358"
            },
            {
              "name": "20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html"
            },
            {
              "name": "21772",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21772"
            },
            {
              "name": "21771",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/21771"
            },
            {
              "name": "20051214 Trend Micro ServerProtect isaNVWRequest.dll Chunked Overflow",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities"
            },
            {
              "name": "256",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/256"
            },
            {
              "name": "15865",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15865"
            },
            {
              "name": "15866",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15866"
            },
            {
              "name": "ADV-2005-2907",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2907"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1929",
    "datePublished": "2005-12-14T21:00:00",
    "dateReserved": "2005-06-08T00:00:00",
    "dateUpdated": "2024-08-07T22:06:57.662Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-1929\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-12-14T21:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via \\\"wrapped\\\" length values in Chunked transfer requests.  NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load.  As such, this might not be a vulnerability in Trend Micro\u0027s product.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trend_micro:serverprotect:*:*:emc:*:*:*:*:*\",\"versionEndIncluding\":\"5.58\",\"matchCriteriaId\":\"37239A26-21E5-4A7D-BB3B-219954F72751\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/18038\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/256\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securityreason.com/securityalert/257\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015358\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/21771\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/21772\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/15865\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/15866\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2907\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18038\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securityreason.com/securityalert/257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015358\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.idefense.com/application/poi/display?id=353\u0026type=vulnerabilities\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/21771\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/21772\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15865\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15866\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.