Bypass of Virus Scanning in Sophos Anti-Virus 3.78
CVE-2004-2088
Currently unrated
Summary
Sophos Anti-Virus 3.78 is susceptible to a vulnerability that enables remote attackers to circumvent virus scanning mechanisms. This is achieved through the exploitation of Delivery Status Notifications (DSN) generated by qmail, where the original email content is not included in the bounce message. As a result, malicious emails can evade detection, posing a significant risk to users relying on this antivirus software.
References
EPSS Score
5% chance of being exploited in the next 30 days.
Timeline
Vulnerability Reserved
Vulnerability published