CVE-2004-0552

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.seifried.org/security/advisories/kssa-005.html", "name": "http://www.seifried.org/security/advisories/kssa-005.html", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.idefense.com/application/poi/display?id=143&type=vulnerabilities", "name": "20040922 Sophos Small Business Suite Reserved Device Name Handling Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17468", "name": "sophos-business-security-bypass(17468)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-0552", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-11-03T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:sophos:small_business_suite:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.00"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:30Z"}