Multiple Sophos Products MIME Attachments Denial of Service Vulnerability

Multiple Sophos Products MIME Attachments Denial of Service Vulnerability

Multiple Sophos Products are prone to a denial-of-service vulnerability when scanning certain MIME attachments.

Attackers can leverage this issue to cause multiple terminations of the affected products and deny service to legitimate users.

NOTE: The vendor states that this issue occurs only when the applications are running on Linux or UNIX.

Sophos Email Appliance and Pure Message for UNIX instances that are using 4.30 virus data/2.74 engine are affected.

The Sophos Anti-Virus Interface (SAVI) is also affected.