← back
CVE-2002-0440

CVE-2002-0440

EPSS 2.6%
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21339unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/lists/bugtraq/2002/Mar/0162.htmlhttp://www.inside-security.de/vwall_cl0.htmlhttp://www.iss.net/security_center/static/8425.phphttp://www.securityfocus.com/bid/4265