\ CVE-2004-0552 - Unspecified vulnerability in Sophos Small Business Suite 1.00 | Vumetric Cyber Portal

CVE-2004-0552 - Unspecified vulnerability in Sophos Small Business Suite 1.00

Publication

2004-11-03

Last modification

2017-07-11

Summary

Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.

Risk level (CVSS AV:N/AC:L/Au:N/C:P/I:P/A:P)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Sophos Small Business Suite  1.00