Trend Micro VSAPI ARJ Handling Heap Overflow

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote host is running an application that is affected by a buffer
overflow vulnerability.

Description :

The remote host is running a version of the Trend Micro engine that has
a heap overflow vulnerability in the ARJ handling functions.

An attacker may exploit this flaw to bypass virus protection altogether
and execute arbitrary code on the remote host. To exploit this flaw, an
attacker would need to submit a malformed ARJ archive to a process on
the remote host and wait for the antivirus engine to scan it.

See also :

http://www.nessus.org/u?e2d903ac

Solution :

Upgrade to the Trend Micro engine version 7.510 or newer.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.4
(CVSS2#E:U/RL:U/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 17213 ()

Bugtraq ID: 12643

CVE ID: CVE-2005-0533

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now