Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-1121

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-14 Sep, 2002 | 04:00
Updated At-08 Aug, 2024 | 03:12
Rejected At-
Credits

SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:14 Sep, 2002 | 04:00
Updated At:08 Aug, 2024 | 03:12
Rejected At:
▼CVE Numbering Authority (CNA)

SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html
mailing-list
x_refsource_VULNWATCH
http://marc.info/?l=bugtraq&m=103184267105132&w=2
mailing-list
x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.html
mailing-list
x_refsource_BUGTRAQ
http://www.iss.net/security_center/static/10088.php
vdb-entry
x_refsource_XF
http://www.securiteam.com/securitynews/5YP0A0K8CM.html
x_refsource_MISC
http://marc.info/?l=bugtraq&m=103184501408453&w=2
mailing-list
x_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/836088
third-party-advisory
x_refsource_CERT-VN
http://www.securityfocus.com/bid/5696
vdb-entry
x_refsource_BID
http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.html
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html
Resource:
mailing-list
x_refsource_VULNWATCH
Hyperlink: http://marc.info/?l=bugtraq&m=103184267105132&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.iss.net/security_center/static/10088.php
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.securiteam.com/securitynews/5YP0A0K8CM.html
Resource:
x_refsource_MISC
Hyperlink: http://marc.info/?l=bugtraq&m=103184501408453&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.kb.cert.org/vuls/id/836088
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.securityfocus.com/bid/5696
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.html
Resource:
mailing-list
x_refsource_BUGTRAQ
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html
mailing-list
x_refsource_VULNWATCH
x_transferred
http://marc.info/?l=bugtraq&m=103184267105132&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.iss.net/security_center/static/10088.php
vdb-entry
x_refsource_XF
x_transferred
http://www.securiteam.com/securitynews/5YP0A0K8CM.html
x_refsource_MISC
x_transferred
http://marc.info/?l=bugtraq&m=103184501408453&w=2
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.kb.cert.org/vuls/id/836088
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.securityfocus.com/bid/5696
vdb-entry
x_refsource_BID
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html
Resource:
mailing-list
x_refsource_VULNWATCH
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=103184267105132&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.iss.net/security_center/static/10088.php
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securiteam.com/securitynews/5YP0A0K8CM.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=103184501408453&w=2
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/836088
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/5696
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:24 Sep, 2002 | 04:00
Updated At:03 Apr, 2025 | 01:03

SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
gfi
gfi
>>mailsecurity>>7.2
cpe:2.3:a:gfi:mailsecurity:7.2:*:exchange_smtp:*:*:*:*:*
network_associates
network_associates
>>webshield_smtp>>4.0.5
cpe:2.3:a:network_associates:webshield_smtp:4.0.5:*:*:*:*:*:*:*
network_associates
network_associates
>>webshield_smtp>>4.5
cpe:2.3:a:network_associates:webshield_smtp:4.5:*:*:*:*:*:*:*
network_associates
network_associates
>>webshield_smtp>>4.5.44
cpe:2.3:a:network_associates:webshield_smtp:4.5.44:*:*:*:*:*:*:*
network_associates
network_associates
>>webshield_smtp>>4.5.74.0
cpe:2.3:a:network_associates:webshield_smtp:4.5.74.0:*:*:*:*:*:*:*
roaring_penguin
roaring_penguin
>>canit>>1.2
cpe:2.3:a:roaring_penguin:canit:1.2:*:*:*:*:*:*:*
roaring_penguin
roaring_penguin
>>mimedefang>>2.14
cpe:2.3:a:roaring_penguin:mimedefang:2.14:*:*:*:*:*:*:*
roaring_penguin
roaring_penguin
>>mimedefang>>2.20
cpe:2.3:a:roaring_penguin:mimedefang:2.20:*:*:*:*:*:*:*
Trend Micro Incorporated
trend_micro
>>interscan_viruswall>>3.5
cpe:2.3:a:trend_micro:interscan_viruswall:3.5:*:*:*:*:*:*:*
Trend Micro Incorporated
trend_micro
>>interscan_viruswall>>3.51
cpe:2.3:a:trend_micro:interscan_viruswall:3.51:*:*:*:*:*:*:*
Trend Micro Incorporated
trend_micro
>>interscan_viruswall>>3.52
cpe:2.3:a:trend_micro:interscan_viruswall:3.52:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.htmlcve@mitre.org
N/A
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.htmlcve@mitre.org
Vendor Advisory
http://marc.info/?l=bugtraq&m=103184267105132&w=2cve@mitre.org
N/A
http://marc.info/?l=bugtraq&m=103184501408453&w=2cve@mitre.org
N/A
http://www.iss.net/security_center/static/10088.phpcve@mitre.org
Vendor Advisory
http://www.kb.cert.org/vuls/id/836088cve@mitre.org
US Government Resource
http://www.securiteam.com/securitynews/5YP0A0K8CM.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/5696cve@mitre.org
N/A
http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://marc.info/?l=bugtraq&m=103184267105132&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=103184501408453&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.iss.net/security_center/static/10088.phpaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.kb.cert.org/vuls/id/836088af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.securiteam.com/securitynews/5YP0A0K8CM.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/5696af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=103184267105132&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=103184501408453&w=2
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.iss.net/security_center/static/10088.php
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/836088
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.securiteam.com/securitynews/5YP0A0K8CM.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/5696
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=103184267105132&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=103184501408453&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.iss.net/security_center/static/10088.php
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.kb.cert.org/vuls/id/836088
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.securiteam.com/securitynews/5YP0A0K8CM.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/5696
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

30Records found
CVE-2006-6179
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.98% / 87.94%
||
7 Day CHG~0.00%
Published-30 Nov, 2006 | 23:00
Updated-07 Aug, 2024 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\CgiRemoteInstall.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1089 allows remote attackers to execute arbitrary code via unknown attack vectors.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-officescann/a
CVE-2012-2998
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-9.79% / 92.65%
||
7 Day CHG~0.00%
Published-28 Sep, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-control_managern/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2005-3182
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.29% / 90.56%
||
7 Day CHG~0.00%
Published-20 Oct, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.

Action-Not Available
Vendor-gfin/a
Product-mailsecurityn/a
CVE-2005-1929
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.75% / 89.01%
||
7 Day CHG~0.00%
Published-14 Dec, 2005 | 21:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro ServerProtect Management Console 5.58 and earlier, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Server 1.1, allow remote attackers to execute arbitrary code via "wrapped" length values in Chunked transfer requests. NOTE: the original report suggests that the relay.dll issue is related to a problem in which a Microsoft Foundation Classes (MFC) static library returns invalid values under heavy load. As such, this might not be a vulnerability in Trend Micro's product.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-serverprotectn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-0533
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.97% / 91.06%
||
7 Day CHG~0.00%
Published-24 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-scanmailserverprotectcontrol_managerinterscan_viruswallpc-cillinofficescaninterscan_messaging_security_suiteinterscan_webmanagerportalprotectscanmail_emanagerclient-server-messaging_suite_smbclient-server_suite_smbinterscan_web_security_suiteinterscan_webprotectinterscan_emanagern/a
CVE-2005-0383
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.89% / 74.56%
||
7 Day CHG~0.00%
Published-13 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-control_managern/a
CVE-2021-29281
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.52% / 65.84%
||
7 Day CHG~0.00%
Published-07 Jul, 2022 | 19:38
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.

Action-Not Available
Vendor-gfin/a
Product-archivern/a
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2004-1098
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.45% / 62.59%
||
7 Day CHG~0.00%
Published-01 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

Action-Not Available
Vendor-roaring_penguinn/aSUSEMandriva (Mandrakesoft)
Product-mimedefangsuse_linuxmandrake_linux_corporate_servermandrake_linuxn/a
CVE-2003-1343
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.78% / 85.49%
||
7 Day CHG~0.00%
Published-14 Oct, 2007 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3".

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-scanmailn/a
CWE ID-CWE-287
Improper Authentication
CVE-2003-0646
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.08% / 86.22%
||
7 Day CHG~0.00%
Published-05 Aug, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-housecalldamage_cleanup_servern/a
CVE-2002-0440
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.08% / 88.09%
||
7 Day CHG~0.00%
Published-11 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-interscan_viruswalln/a
CVE-2002-0637
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.82% / 87.67%
||
7 Day CHG~0.00%
Published-04 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-interscan_viruswalln/a
CVE-2001-1456
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-9.06% / 92.30%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

Action-Not Available
Vendor-pgpnetwork_associatesn/aMcAfee, LLCSilicon Graphics, Inc.
Product-gauntlet_firewallirixmcafee_e-ppliancee-ppliance_300webshield_smtpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-1026
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.79% / 72.85%
||
7 Day CHG~0.00%
Published-02 Feb, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-interscan_applettrapn/a
CVE-2001-0761
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.04% / 86.14%
||
7 Day CHG~0.00%
Published-12 Oct, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-interscan_webmanagern/a
CVE-2001-0689
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.64% / 69.52%
||
7 Day CHG~0.00%
Published-29 Aug, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-virus_control_systemn/a
CVE-2000-1158
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.63%
||
7 Day CHG~0.00%
Published-19 Dec, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords.

Action-Not Available
Vendor-network_associatesn/a
Product-sniffer_agentn/a
CVE-2001-0410
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.99% / 75.89%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long "From" header.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-virus_buster_2001n/a
CVE-2000-0447
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.91% / 82.54%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service.

Action-Not Available
Vendor-network_associatesn/a
Product-webshieldn/a
CVE-1999-1529
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-15.02% / 94.29%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-interscan_viruswalln/a
CVE-2003-1341
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.13% / 90.43%
||
7 Day CHG~0.00%
Published-14 Oct, 2007 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-virus_busterofficescann/a
CVE-2000-1130
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.41%
||
7 Day CHG~0.00%
Published-19 Dec, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.

Action-Not Available
Vendor-network_associatesn/a
Product-webshield_smtpn/a
CVE-2000-0741
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.68% / 90.85%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.

Action-Not Available
Vendor-network_associatesn/a
Product-net_tools_pki_servern/a
CVE-1999-1533
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-9.22% / 92.39%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-interscan_viruswalln/a
CVE-2001-1542
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.91% / 74.92%
||
7 Day CHG~0.00%
Published-14 Jul, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments.

Action-Not Available
Vendor-network_associatesn/a
Product-webshield_smtpn/a
CVE-2007-0884
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.12% / 86.31%
||
7 Day CHG~0.00%
Published-12 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Roaring Penguin MIMEDefang 2.59 and 2.60 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-roaring_penguinn/a
Product-mimedefangn/a
CVE-2006-6178
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-3.98% / 87.94%
||
7 Day CHG~0.00%
Published-30 Nov, 2006 | 23:00
Updated-07 Aug, 2024 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in PCCSRV\Web_console\RemoteInstallCGI\Wizard.exe for Trend Micro OfficeScan 7.3 before build 7.3.0.1087 allows remote attackers to execute arbitrary code via unknown attack vectors.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-officescann/a
CVE-2007-1168
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.34% / 79.20%
||
7 Day CHG~0.00%
Published-28 Feb, 2007 | 15:00
Updated-07 Aug, 2024 | 12:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-serverprotectn/a
CVE-2001-0958
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.90% / 89.18%
||
7 Day CHG~0.00%
Published-02 Feb, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs (1) register.dll, (2) ContentFilter.dll, (3) SFNofitication.dll, (4) register.dll, (5) TOP10.dll, (6) SpamExcp.dll, and (7) spamrule.dll.

Action-Not Available
Vendor-n/aTrend Micro Incorporated
Product-interscan_viruswallinterscan_emanagern/a
CVE-2000-1159
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.82% / 73.46%
||
7 Day CHG~0.00%
Published-19 Dec, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UDP authentication packets and spoofing commands.

Action-Not Available
Vendor-network_associatesn/a
Product-sniffer_agentn/a
Details not found