Vulnerability Report

CVE-2002-0637

Title: InterScan VirusWall RFC non-compliant MIME headers bypass filter

Filter bypass

Proof Of Concept

PoC Available for CVE-2002-0637

CWE Category NVD-CWE-noinfo

Published Date Jul 11, 2002

Modified Date Apr 03, 2025

Exploit Status Available

Score 7.5 CVSS v2.0

Exploit Probability (EPSS)

3.82%

Vulnerability Summary

CVE-2002-0637: InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express.

Impacted Vendors

trend_micro 1

Reference Links

http://www.iss.net/security_center/static/9464.php http://www.securiteam.com/securitynews/5KP000A7QE.html http://www.iss.net/security_center/static/9464.php http://www.securiteam.com/securitynews/5KP000A7QE.html

CVSS v2.0

Source Entity [email protected]

Severity HIGH

7.5

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2002-0637 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/21625

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

July 11, 2002 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.