CVE-2005-1693

Severity

99%

Complexity

99%

Confidentiality

165%

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 19 years ago

2005-05-24 04:00:00

Last updated 8 years ago

2016-10-18 03:21:00

Affected Software

Computer Associates eTrust Antivirus 6.0

6.0

Computer Associates eTrust Antivirus 7.0

7.0

Computer Associates eTrust Antivirus 7.1

7.1

Computer Associates eTrust Antivirus EE 6.0

6.0

Computer Associates eTrust Antivirus EE 7.0

7.0

Computer Associates eTrust EZ Armor 1.0

1.0

Computer Associates eTrust EZ Armor 2.0

2.0

Computer Associates eTrust EZ Armor 2.3

2.3

Computer Associates eTrust EZ Armor 2.4

2.4

Computer Associates eTrust EZ Armor 2.4.4

2.4.4

Computer Associates eTrust EZ Armor LE 2.0

2.0

Computer Associates eTrust EZ Armor LE 3.0.0.1.4

3.0.0.14

Computer Associates eTrust Intrusion Detection 1.4.1.13

1.4.1.13

Computer Associates eTrust Intrusion Detection 1.4.5

1.4.5

Computer Associates eTrust Intrusion Detection 1.5

1.5

Computer Associates eTrust Intrusion Detection 3.0

3.0

Computer Associates eTrust Secure Content Manager 1.0

1.0

Computer Associates eTrust Secure Content Manager 1.1

1.1

Computer Associates InoculateIT 6.0

6.0

Computer Associates Vet Antivirus 10.66

10.66

Zone Labs ZoneAlarm

Zone Labs ZoneAlarm Antivirus

References

http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter=1588

Patch

20050523 Computer Associates Vet Antivirus Library Remote Heap Overflow

15470

15479

1014050

http://www.rem0te.com/public/images/vet.pdf

13710

Vendor Advisory

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896

Patch, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.