CVE-2008-3177
Published Jul 15, 2008
Last updated 7 years ago
Overview
- Description
- Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-16
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:email_appliance:es1000:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8B03E1F8-1ED6-40C5-A164-0581A75634F5"
},
{
"criteria": "cpe:2.3:h:sophos:email_appliance:es4000:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "881E76E2-3049-49F1-B1FD-322BDBE3C1B8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:es1000:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B7EE749-CA5F-4348-B39B-E8AA0E61EE0E"
},
{
"criteria": "cpe:2.3:a:sophos:es4000:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29C6192D-4E59-4663-9612-0286CD8AF9C3"
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CCF6E5F-DF9F-4B6A-A826-1268E0EAD4FB"
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E44BBA71-625A-4D39-A35F-A87EBE16C95C"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]