Christey> CD:SF-LOC may suggest merging with CVE-2001-0678
CHANGE> [Christey changed vote from NOOP to REVIEWING]
Christey> There is evidence that this problem was confirmed by Trend,
but there are some inconsistencies.
Note, however, that the date of the patch description at
is June 19th, but the Bugtraq post was July 2, and the poster
said that a patch had not been available yet. However, the
poster also said that they had notified Trend on June 11.
Add that the Action parameter is the one with the overflow.
This patch description only identifies HttpSave.dll, not
RegGo.dll (as identified by CVE-2001-0678), but it implies
that multiple DLL's may have been fixed. Looking at the DLL's
in the patch, there is RegGo.dll and a number of other DLL's.
However, this RegGo.dll is different than the one from
the patch for CVE-2001-0678, so maybe they fixed yet another
That problem might be:
BUGTRAQ:20010621 TrendMicro InterScan WebManager Version 1.2 RegGo.dll Buffer Overflow Vulnerability
where the discloser said that the problem was discovered
in June 6 and implied that Trend Micro would fix the problem,
so Trend was notified sometime between June 6 and June 21.
So, the dates might imply that Trend fixed both the
HTTPSave.dll and this variant (if in fact it's a variant and
not a rediscovery of CVE-2001-0678) in a single patch.
If true, then that would argue that this candidate should be
merged with the RegGo.dll variant reported in the above
Bugtraq reference, along with some of the other DLL's - just
in case someone rediscovers THOSE, too.
Other DLL's in this patch are covered in other posts
in the same time frame by the same person.
HttpSaveCVP.dll and HttpSaveCSP.dll are in:
BUGTRAQ:20010628 [SNS Advisory No.35] TrendMicro InterScan VirusWall 3.51 HttpSaveC*P.dll Buffer Overflow
smtpscan.dll is described in:
BUGTRAQ:20010628 [SNS Advisory No.34] TrendMicro InterScan VirusWall 3.51 smtpscan.dll Buffer Overflow