File Handling Vulnerability in Sophos Small Business Suite for Windows
CVE-2004-0552
Currently unrated
Summary
The Sophos Small Business Suite 1.00 on Windows exhibits a vulnerability in its handling of file names containing reserved MS-DOS device names, such as LPT1, COM1, AUX, CON, and PRN. This oversight can permit malicious code to evade detection during installation, copying, or execution, posing risks to system integrity and data security. Effective mitigations must be implemented to prevent exploitation of this weakness.
References
EPSS Score
16% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved