Denial of Service Vulnerability in Sophos Email Appliance and Anti-Virus
CVE-2008-3177

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
15 July 2008

Summary

The Sophos virus detection engine version 2.75, utilized in several Sophos products such as the Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), is susceptible to a denial of service attack. This vulnerability arises when an attacker sends a specially crafted email containing zero-length MIME attachments, which can lead the engine to crash. Exploiting this flaw can disrupt service and compromise the functionality of affected systems.

References

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.