Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sophos Subscribe
Filtered by product Small Business Suite
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4577 1 Sophos 3 Anti-virus, Scanning Engine, Small Business Suite 2018-10-15 7.8 HIGH N/A
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
CVE-2007-4578 1 Sophos 3 Anti-virus, Scanning Engine, Small Business Suite 2018-10-15 6.8 MEDIUM N/A
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
CVE-2004-0552 1 Sophos 1 Small Business Suite 2017-07-10 7.5 HIGH N/A
Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.