Denial of Service Vulnerability in Sophos PureMessage for Microsoft Exchange
CVE-2008-7104

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
27 August 2009

Summary

The Sophos PureMessage Scanner service, specifically PMScanner.exe, in versions prior to 3.0.2 is vulnerable to a Denial of Service (DoS) attack. Remote attackers can exploit this vulnerability by sending specially crafted Rich Text Format (RTF) or Portable Document Format (PDF) files, resulting in message queue delays and incomplete updates of the spam rule database. This vulnerability can severely impact the efficiency and responsiveness of the email security services provided by Sophos PureMessage.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.