CVE-2005-1693

Sažetak

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.

Reference

http://crm.my-etrust.com/login.asp?username=guest&target=DOCUMENT&openparameter=1588
http://marc.info/?l=bugtraq&m=111686576416450&w=2
http://secunia.com/advisories/15470
http://secunia.com/advisories/15479
http://securitytracker.com/id?1014050
http://www.rem0te.com/public/images/vet.pdf
http://www.securityfocus.com/bid/13710
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-04-2021 - 17:00

Objavljeno

24-05-2005 - 04:00