Unrated severityNVD Advisory· Published Dec 14, 2005· Updated Apr 16, 2026

CVE-2005-1929

Description

Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.

Affected products

Trend Micro/Serverprotect
cpe:2.3:a:trend_micro:serverprotect:*:*:emc:*:*:*:*:*
Range: <=5.58

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/18038nvdVendor Advisory
www.idefense.com/application/poi/displaynvdVendor Advisory
www.vupen.com/english/advisories/2005/2907nvdVendor Advisory
lists.grok.org.uk/pipermail/full-disclosure/2005-December/039972.htmlnvd
lists.grok.org.uk/pipermail/full-disclosure/2005-December/039978.htmlnvd
securityreason.com/securityalert/256nvd
securityreason.com/securityalert/257nvd
securitytracker.com/idnvd
www.osvdb.org/21771nvd
www.osvdb.org/21772nvd
www.securityfocus.com/bid/15865nvd
www.securityfocus.com/bid/15866nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000