Vulnerability Description
Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trend Micro | Interscan Applettrap | 2.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0129.htmlVendor Advisory
- http://www.securityfocus.com/bid/2996
- http://www.securityfocus.com/bid/2998
- http://www.securityfocus.com/bid/3000
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6816
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6817
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6818
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6819
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0129.htmlVendor Advisory
- http://www.securityfocus.com/bid/2996
- http://www.securityfocus.com/bid/2998
- http://www.securityfocus.com/bid/3000
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6816
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6817
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6818
FAQ
What is CVE-2001-1026?
CVE-2001-1026 is a vulnerability with a CVSS score of 7.5 (HIGH). Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (...
How severe is CVE-2001-1026?
CVE-2001-1026 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1026?
Check the references section above for vendor advisories and patch information. Affected products include: Trend Micro Interscan Applettrap.