Description
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1020462
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30110
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2053/references
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/43703
Various Sources x_refsource_confirm
http://www.sophos.com/support/knowledgebase/article/42245.html?_log_from=rss
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31037
Scores
EPSS
0.0605
EPSS Percentile
90.8%
Details
CWE
CWE-16
Status
published
Products (4)
sophos/es1000
sophos/es4000
sophos/sophos_anti-virus
sophos/sophos_puremessage_anti-virus
Published
Jul 15, 2008
Tracked Since
Feb 18, 2026