CVE-2004-0552

CVSS 7.5 - HIGH
Description

Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.

Affected Products
1
Vendor Product Version
sophos small_business_suite All versions
References
http://www.idefense.com/application/poi/display?id...
http://www.seifried.org/security/advisories/kssa-0...
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://www.idefense.com/application/poi/display?id...
http://www.seifried.org/security/advisories/kssa-0...
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
Weakness Types
NVD-CWE-Other
CVE Information
CVE ID:
CVE-2004-0552
Published:
2004-11-03
Modified:
2026-04-16
CVSS Score:
7.5
Severity:
HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Vendors
sophos
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL