Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0637 — Micro Interscan Viruswall vulnerability

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

3.8%

top 11.85%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Trend Micro Interscan Viruswall

Timeline

PublishedJul 11

Latest updateApr 30

Description

InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDtrend_micro/interscan_viruswall3.52

Patches

Patch: www.securiteam.com ↗Patch: www.securiteam.com ↗

🔴Vulnerability Details

GHSA

GHSA-fc5f-6557-pm73: InterScan VirusWall 3↗2022-04-30

▶

CVEList

CVE-2002-0637: InterScan VirusWall 3↗2002-07-04

▶

💥Exploits & PoCs

Exploit-DB

Trend Micro Interscan VirusWall for Windows NT 3.52 - Space Gap Scan Bypass↗2002-07-18

▶