CVE-2002-1775

** DISPUTED ** NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://online.securityfocus.com/archive/1/260271
http://online.securityfocus.com/archive/1/260678
http://www.securityfocus.com/bid/4243
https://exchange.xforce.ibmcloud.com/vulnerabilities/8390

Configurations

Configuration 1 (hide)

cpe:2.3:a:symantec:norton_antivirus:2002:*:*:*:*:*:*:*

Information

Published : 2002-12-30 21:00

Updated : 2017-07-10 18:29

NVD link : CVE-2002-1775

Mitre link : CVE-2002-1775

JSON object : View

CWE

NVD-CWE-Other

Products Affected

symantec

norton_antivirus

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://online.securityfocus.com/archive/1/260271", "name": "20020307 Various Vulnerabilities in Norton Anti-Virus 2002", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://online.securityfocus.com/archive/1/260678", "name": "20020308 Re: Edvice Security Services <support@edvicesecurity.com, 000701c1c5fb$c168f970$5a01010a@mic2000", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/4243", "name": "4243", "tags": [], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8390", "name": "nav-nonrfc-bypass-protection(8390)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "** DISPUTED ** NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2002-1775", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2002-12-31T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2002:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:29Z"}

7.5 /10