Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-1693

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.

Published

2005-05-24T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	broadcom	etrust_antivirus	6.0	Yes
Application	broadcom	etrust_antivirus	7.0	Yes
Application	broadcom	etrust_antivirus	7.1	Yes
Application	broadcom	etrust_antivirus_ee	6.0	Yes
Application	broadcom	etrust_antivirus_ee	7.0	Yes
Application	broadcom	etrust_ez_armor	1.0	Yes
Application	broadcom	etrust_ez_armor	2.0	Yes
Application	broadcom	etrust_ez_armor	2.3	Yes
Application	broadcom	etrust_ez_armor	2.4	Yes
Application	broadcom	etrust_ez_armor	2.4.4	Yes
Application	broadcom	etrust_ez_armor_le	2.0	Yes
Application	broadcom	etrust_ez_armor_le	3.0.0.14	Yes
Application	broadcom	etrust_intrusion_detection	1.4.1.13	Yes
Application	broadcom	etrust_intrusion_detection	1.4.5	Yes
Application	broadcom	etrust_intrusion_detection	1.5	Yes
Application	broadcom	etrust_intrusion_detection	3.0	Yes
Application	broadcom	etrust_secure_content_manager	1.0	Yes
Application	broadcom	etrust_secure_content_manager	1.1	Yes
Application	broadcom	inoculateit	6.0	Yes
Application	ca	brightstor_arcserve_backup	11.1	Yes
Application	ca	etrust_antivirus	7.0	Yes
Application	ca	etrust_antivirus	7.0_sp2	Yes
Application	ca	etrust_antivirus	7.1	Yes
Application	ca	etrust_intrusion_detection	3.0	Yes
Application	ca	etrust_secure_content_manager	1.0	Yes
Application	ca	vet_antivirus	10.66	Yes
Application	zonelabs	zonealarm	*	Yes
Application	zonelabs	zonealarm_antivirus	*	Yes

References

http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter=1588 Patch ([email protected])
http://marc.info/?l=bugtraq&m=111686576416450&w=2 ([email protected])
http://secunia.com/advisories/15470 ([email protected])
http://secunia.com/advisories/15479 ([email protected])
http://securitytracker.com/id?1014050 ([email protected])
http://www.rem0te.com/public/images/vet.pdf ([email protected])
http://www.securityfocus.com/bid/13710 Vendor Advisory ([email protected])
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896 Patch, Vendor Advisory ([email protected])
http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter=1588 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=111686576416450&w=2 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/15470 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/15479 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1014050 (af854a3a-2127-422b-91ae-364da2661108)
http://www.rem0te.com/public/images/vet.pdf (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/13710 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)