CVE-2008-3177

EUVD-2008-3167
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
sophoses1000
*
sophoses4000
*
sophossophos_anti-virus
*
sophossophos_puremessage_anti-virus
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/31037
http://www.securityfocus.com/bid/30110
http://www.securitytracker.com/id?1020462
http://www.sophos.com/support/knowledgebase/article/42245.html?_log_from=rss
http://www.vupen.com/english/advisories/2008/2053/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43703
http://secunia.com/advisories/31037
http://www.securityfocus.com/bid/30110
http://www.securitytracker.com/id?1020462
http://www.sophos.com/support/knowledgebase/article/42245.html?_log_from=rss
http://www.vupen.com/english/advisories/2008/2053/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43703