Remote Bypass and Denial of Service in Sophos PureMessage for Microsoft Exchange
CVE-2008-7106
Currently unrated
Key Information:
- Vendor
- Sophos
- Vendor
- CVE Published:
- 27 August 2009
Summary
The Sophos PureMessage for Microsoft Exchange version 3.0 and earlier does not properly initiate its scanning engines during heavy system loads. This failure can lead to potential exploitation, where attackers may bypass the intended scanner protections, resulting in possible message loss or delays due to a denial of service scenario. The vulnerability exists in configurations where both anti-virus and anti-spam capabilities are enabled.
References
Timeline
Vulnerability published
Vulnerability Reserved