{"vuid":"VU#739224","idnumber":"739224","name":"HTTP content scanning systems full-width/half-width Unicode encoding bypass","keywords":["Full-width","half-width","Unicode","encoded HTTP","security bypass","INFO#111001"],"overview":"Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious HTTP traffic to bypass content scanning systems.","clean_desc":"Full-width and half-width encoding is a technique for encoding Unicode characters. Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded HTTP traffic. By sending specially-crafted HTTP traffic to a vulnerable content scanning system, an attacker may be able to bypass that content scanning system.","impact":"A remote, unauthenticated attacker may be able to bypass HTTP content scanning systems.","resolution":"Check with your vendor\nRefer to the Systems Affected section of this document for information about specific vendors regarding this issue.","workarounds":"","sysaffected":"","thanks":"This issue was reported by Fatih Ozavci and Caglar Cakici of \nGamasec Security","author":"This document was written by Jeff Gennari.","public":["http://www.gamasec.net/english/gs07-01.html","http://www.unicode.org/charts/PDF/UFF00.pdf","http://secunia.com/advisories/25285/","http://www.cisco.com/warp/public/707/cisco-sr-20070514-unicode.shtml","http://secunia.com/advisories/25302/","http://www.frsirt.com/english/advisories/2007/1817","http://www.securityfocus.com/infocus/1232","http://xforce.iss.net/xforce/alerts/id/advise68","https://secure-support.novell.com/KanisaPlatform/Publishing/539/3193302_f.SAL_Public.html","http://secunia.com/advisories/26692/","http://secunia.com/advisories/27455/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-04-16T12:56:07Z","publicdate":"2007-05-14T00:00:00Z","datefirstpublished":"2007-05-14T17:02:13Z","dateupdated":"2009-04-22T18:54:10Z","revision":24,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"2","cam_widelyknown":"10","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"7","cam_impact":"6","cam_easeofexploitation":"8","cam_attackeraccessrequired":"20","cam_scorecurrent":"1.764","cam_scorecurrentwidelyknown":"3.024","cam_scorecurrentwidelyknownexploited":"5.544","ipprotocol":"tcp","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.764,"vulnote":null}