Denial of Service Vulnerability in Sophos Email Appliance and Anti-Virus
CVE-2008-3177
Currently unrated
Key Information:
- Vendor
- Sophos
- Vendor
- CVE Published:
- 15 July 2008
Summary
The Sophos virus detection engine version 2.75, utilized in several Sophos products such as the Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), is susceptible to a denial of service attack. This vulnerability arises when an attacker sends a specially crafted email containing zero-length MIME attachments, which can lead the engine to crash. Exploiting this flaw can disrupt service and compromise the functionality of affected systems.
References
EPSS Score
6% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved