Vulnerability Details CVE-2004-0552
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.164
EPSS Ranking 94.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.idefense.com/application/poi/display?id=143&type=vulnerabilities
- http://www.seifried.org/security/advisories/kssa-005.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17468
- http://www.idefense.com/application/poi/display?id=143&type=vulnerabilities
- http://www.seifried.org/security/advisories/kssa-005.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17468
Products affected by CVE-2004-0552
-
cpe:2.3:a:sophos:small_business_suite:*