Details of VAR-200212-0446

ID

VAR-200212-0446

CVE

CVE-2002-1775

TITLE

Symantec Norton AntiVirus non- RFC compatible EMAIL Protection can bypass the vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200212-724

DESCRIPTION

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed. An issue has been discovered which involves Symantec Norton AntiVirus 2002 incoming email scanning protection feature. As a result infected emails could go undetected

Trust: 1.26

sources: NVD: CVE-2002-1775 // BID: 4243 // VULHUB: VHN-6158

AFFECTED PRODUCTS

vendor:	symantec	model:	norton antivirus	scope:	eq	version:	2002	Trust: 1.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	20020	Trust: 0.3

sources: BID: 4243 // CNNVD: CNNVD-200212-724 // NVD: CVE-2002-1775

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-1775
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200212-724
value:	HIGH
Trust: 0.6
VULHUB:	VHN-6158
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2002-1775
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-6158
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-6158 // CNNVD: CNNVD-200212-724 // NVD: CVE-2002-1775

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1775

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-724

TYPE

Design Error

Trust: 0.9

sources: BID: 4243 // CNNVD: CNNVD-200212-724

EXTERNAL IDS

db:	BID	id:	4243	Trust: 2.0
db:	NVD	id:	CVE-2002-1775	Trust: 1.7
db:	CNNVD	id:	CNNVD-200212-724	Trust: 0.7
db:	XF	id:	8390	Trust: 0.6
db:	NSFOCUS	id:	2365	Trust: 0.6
db:	VULHUB	id:	VHN-6158	Trust: 0.1

sources: VULHUB: VHN-6158 // BID: 4243 // CNNVD: CNNVD-200212-724 // NVD: CVE-2002-1775

REFERENCES

url:	http://www.securityfocus.com/bid/4243	Trust: 2.7
url:	http://online.securityfocus.com/archive/1/260271	Trust: 2.1
url:	http://online.securityfocus.com/archive/1/260678	Trust: 2.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/8390	Trust: 2.1
url:	http://xforce.iss.net/xforce/xfdb/8390	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/2365	Trust: 0.6
url:	http://www.symantec.com/nav/nav_9xnt/	Trust: 0.3
url:	http://www.symantec.com	Trust: 0.3

sources: VULHUB: VHN-6158 // BID: 4243 // CNNVD: CNNVD-200212-724 // NVD: CVE-2002-1775

CREDITS

Edvice Security Services※ support@edvicesecurity.com

Trust: 0.6

sources: CNNVD: CNNVD-200212-724

SOURCES

db:	VULHUB	id:	VHN-6158
db:	BID	id:	4243
db:	CNNVD	id:	CNNVD-200212-724
db:	NVD	id:	CVE-2002-1775

LAST UPDATE DATE

2024-11-22T23:12:09.536000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-6158	date:	2017-07-11T00:00:00
db:	BID	id:	4243	date:	2002-03-07T00:00:00
db:	CNNVD	id:	CNNVD-200212-724	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2002-1775	date:	2024-11-20T23:42:05.843

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-6158	date:	2002-12-31T00:00:00
db:	BID	id:	4243	date:	2002-03-07T00:00:00
db:	CNNVD	id:	CNNVD-200212-724	date:	2002-03-07T00:00:00
db:	NVD	id:	CVE-2002-1775	date:	2002-12-31T05:00:00