• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20011012 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20011012)
Votes (Legacy)
ACCEPT(1) Baker
MODIFY(1) Frech
NOOP(4) Armstrong, Cole, Foat, Wall
REVIEWING(1) Christey
Comments (Legacy)
 Christey> CD:SF-LOC may suggest merging with CVE-2001-0678
 Frech> XF:interscan-webmanager-httpsave-bo(6788)
 CHANGE> [Christey changed vote from NOOP to REVIEWING]
 Christey> There is evidence that this problem was confirmed by Trend,
   but there are some inconsistencies.
   Note, however, that the date of the patch description at
   is June 19th, but the Bugtraq post was July 2, and the poster
   said that a patch had not been available yet.  However, the
   poster also said that they had notified Trend on June 11.
   Add that the Action parameter is the one with the overflow.
   This patch description only identifies HttpSave.dll, not
   RegGo.dll (as identified by CVE-2001-0678), but it implies
   that multiple DLL's may have been fixed.  Looking at the DLL's
   in the patch, there is RegGo.dll and a number of other DLL's.
   However, this RegGo.dll is different than the one from
   the patch for CVE-2001-0678, so maybe they fixed yet another
   problem here.
   That problem might be:
   BUGTRAQ:20010621 TrendMicro InterScan WebManager Version 1.2 RegGo.dll Buffer Overflow Vulnerability
   where the discloser said that the problem was discovered
   in June 6 and implied that Trend Micro would fix the problem,
   so Trend was notified sometime between June 6 and June 21.
   So, the dates might imply that Trend fixed both the
   HTTPSave.dll and this variant (if in fact it's a variant and
   not a rediscovery of CVE-2001-0678) in a single patch.
   If true, then that would argue that this candidate should be 
   merged with the RegGo.dll variant reported in the above
   Bugtraq reference, along with some of the other DLL's - just
   in case someone rediscovers THOSE, too.
   Other DLL's in this patch are covered in other posts
   in the same time frame by the same person.
   HttpSaveCVP.dll and HttpSaveCSP.dll are in:
   BUGTRAQ:20010628 [SNS Advisory No.35] TrendMicro InterScan VirusWall 3.51 HttpSaveC*P.dll Buffer Overflow
   smtpscan.dll is described in:
   BUGTRAQ:20010628 [SNS Advisory No.34] TrendMicro InterScan VirusWall 3.51 smtpscan.dll Buffer Overflow

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.