Vulnerability: Bypassing Detection with Reserved MS-DOS Device Names in Sophos Small Business Suite 1.00 on Windows

Vulnerability: Bypassing Detection with Reserved MS-DOS Device Names in Sophos Small Business Suite 1.00 on Windows

CVE-2004-0552 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.

Learn more about our Web Application Penetration Testing UK.