CVE-2005-1693

Name of the Vulnerable Software and Affected Versions eTrust Antivirus versions 6.0 through 7.1 eTrust Antivirus for the Gateway versions 7.0 and 7.1 CA InoculateIT version 6.0 eTrust Secure Content Manager (affected versions not specified) eTrust Intrusion Detection (affected versions not specified) BrightStor ARCserve Backup (BAB) version 11.1 Vet Antivirus (affected versions not specified) Zonelabs ZoneAlarm Security Suite (affected versions not specified) ZoneAlarm Antivirus (affected versions not specified)

Description The issue is related to an integer overflow in the Computer Associates Vet Antivirus library. This allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, leading to a heap-based buffer overflow.

Recommendations For eTrust Antivirus versions 6.0 through 7.1, update to a version outside of this range to resolve the issue. For eTrust Antivirus for the Gateway versions 7.0 and 7.1, update to a version outside of this range to resolve the issue. For CA InoculateIT version 6.0, update to a newer version to resolve the issue. For eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) version 11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, at the moment, there is no information about a newer version that contains a fix for this vulnerability.