Vulnerabilities > CVE-2008-7105 - Unspecified vulnerability in Sophos Puremessage for Microsoft Exchange 3.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN sophos
nessus
Summary
Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service (EdgeTransport.exe termination) via a TNEF-encoded message with a crafted rich text body that is not properly handled during conversion to plain text. NOTE: this might be related to CVE-2008-7104.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Windows |
| NASL id | SOPHOS_PUREMESSAGE_DOS.NASL |
| description | The remote host is running Sophos PureMessage for Microsoft Exchange. The installed version of the software is affected by multiple vulnerabilities. - A vulnerability in PMScanner.exe could crash or hang the PureMessage Scanner service while processing certain rich text (RTF) or PDF files. - A vulnerability in PureMessage could abruptly terminate EdgeTransport.exe while replacing rich text body of certain TNEF-encoded messages with plaintext. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 34060 |
| published | 2008-08-28 |
| reporter | This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/34060 |
| title | Sophos PureMessage < 3.0.2 Multiple Vulnerabilities |