Denial of Service Vulnerability in Sophos PureMessage for Microsoft Exchange
CVE-2008-7104
Currently unrated
Key Information:
- Vendor
- Sophos
- Vendor
- CVE Published:
- 27 August 2009
Summary
The Sophos PureMessage Scanner service, specifically PMScanner.exe, in versions prior to 3.0.2 is vulnerable to a Denial of Service (DoS) attack. Remote attackers can exploit this vulnerability by sending specially crafted Rich Text Format (RTF) or Portable Document Format (PDF) files, resulting in message queue delays and incomplete updates of the spam rule database. This vulnerability can severely impact the efficiency and responsiveness of the email security services provided by Sophos PureMessage.
References
Timeline
Vulnerability published
Vulnerability Reserved