Vulnerability Report

CVE-2002-0440

Title: Trend Micro InterScan VirusWall HTTP proxy Content-length 0 bypasses scanning

Filter bypass

Proof Of Concept

PoC Available for CVE-2002-0440

CWE Category NVD-CWE-noinfo

Published Date Jul 26, 2002

Modified Date Apr 03, 2025

Exploit Status Available

Score 7.5 CVSS v2.0

Exploit Probability (EPSS)

2.48%

Vulnerability Summary

CVE-2002-0440: Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.

Impacted Vendors

trend_micro 1

Reference Links

http://seclists.org/lists/bugtraq/2002/Mar/0162.html http://www.inside-security.de/vwall_cl0.html http://www.iss.net/security_center/static/8425.php http://www.securityfocus.com/bid/4265 http://seclists.org/lists/bugtraq/2002/Mar/0162.html http://www.inside-security.de/vwall_cl0.html http://www.iss.net/security_center/static/8425.php http://www.securityfocus.com/bid/4265

CVSS v2.0

Source Entity [email protected]

Severity HIGH

7.5

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2002-0440 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/21339

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

July 26, 2002 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.