Lucene search

[email protected]CVE-2008-3177

HistoryJul 15, 2008 - 6:41 p.m.

CVE-2008-3177

2008-07-1518:41:00

CWE-16

[email protected]

web.nvd.nist.gov

sophos

virus detection

engine

2.75

linux

unix

vulnerability

denial of service

nvd

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.028 Low

EPSS

Percentile

90.6%

JSON

Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.

Affected configurations

NVD

Node

sophosemail_applianceMatches1000

sophosemail_applianceMatches4000

AND

sophoses1000

sophoses4000

sophossophos_anti-virus

sophossophos_puremessage_anti-virus

CPENameOperatorVersion
sophos:es1000sophos es1000eq*
sophos:es4000sophos es4000eq*
sophos:sophos_anti-virussophos sophos anti-viruseq*
sophos:sophos_puremessage_anti-virussophos sophos puremessage anti-viruseq*

CPE	Name	Operator	Version
sophos:es1000	sophos es1000	eq	*
sophos:es4000	sophos es4000	eq	*
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	*
sophos:sophos_puremessage_anti-virus	sophos sophos puremessage anti-virus	eq	*

References

secunia.com/advisories/31037

www.securityfocus.com/bid/30110

www.securitytracker.com/id?1020462

www.sophos.com/support/knowledgebase/article/42245.html?_log_from=rss

www.vupen.com/english/advisories/2008/2053/references

exchange.xforce.ibmcloud.com/vulnerabilities/43703

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.028 Low

EPSS

Percentile

90.6%

JSON

Related for CVE-2008-3177

cvelist1 nvd1 prion1