CVE-2005-1929

N/A Unknown

Published: December 14, 2005 Modified: April 16, 2026

Description

Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html

Source: cve@mitre.org

http://secunia.com/advisories/18038

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/256

Source: cve@mitre.org

http://securityreason.com/securityalert/257

Source: cve@mitre.org

http://securitytracker.com/id?1015358

Source: cve@mitre.org

http://www.idefense.com/application/poi/display?id=353&type=vulnerabilities

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/21771

Source: cve@mitre.org

http://www.osvdb.org/21772

Source: cve@mitre.org

http://www.securityfocus.com/bid/15865

Source: cve@mitre.org

http://www.securityfocus.com/bid/15866

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2005/2907

Source: cve@mitre.org

Vendor Advisory

http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/18038

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/256

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/257

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015358

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.idefense.com/application/poi/display?id=353&type=vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/21771

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/21772

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15865

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/15866

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2005/2907

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

24 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

4.8%

89th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

trend_micro

Related CVEs

CVE-2026-41279 N/A

CVE-2026-41278 N/A

CVE-2026-41277 N/A

CVE-2026-41276 N/A

CVE-2026-41275 N/A