CVE-2004-0552
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/11/2004
Last modified:
03/04/2025
Description
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:sophos:small_business_suite:*:*:*:*:*:*:*:* | 1.00 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.idefense.com/application/poi/display?id=143&type=vulnerabilities
- http://www.seifried.org/security/advisories/kssa-005.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17468
- http://www.idefense.com/application/poi/display?id=143&type=vulnerabilities
- http://www.seifried.org/security/advisories/kssa-005.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17468