CVE-2004-0552

Currently unrated

Key Information:

Vendor: Sophos
Status: Small Business Suite
Vendor: CVE Published:; 3 November 2004

Summary

Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.

References

http://www.idefense.com/application/poi/display?id=143&ty...

third-party-advisoryx_refsource_IDEFENSE

http://www.seifried.org/security/advisories/kssa-005.html

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/17468

vdb-entryx_refsource_XF

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 3, 2004
Vulnerability Reserved
Jun 11, 2004