Vulnerabilities > CVE-2004-0552 - Unspecified vulnerability in Sophos Small Business Suite
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Sophos Anti-Virus 3.x Reserved MS-DOS Name Scan Evasion Vulnerability. CVE-2004-0552. Remote exploit for windows platform |
| id | EDB-ID:24623 |
| last seen | 2016-02-02 |
| modified | 2004-09-22 |
| published | 2004-09-22 |
| reporter | Kurt Seifried |
| source | https://www.exploit-db.com/download/24623/ |
| title | Sophos Anti-Virus 3.x - Reserved MS-DOS Name Scan Evasion Vulnerability |