CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-6217
https://notcve.org/view.php?id=CVE-2016-6217
Cross-site scripting (XSS) vulnerability in Sophos PureMessage for UNIX before 6.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de Cross-Site Scripting (XSS) en versiones anteriores a la 6.3.2 de Sophos PureMessage para UNIX permite a atacantes remotos inyectar scripts web o HTML arbitrarios utilizando vectores no especificados. • http://pmx.sophos.com/rn/pmx/concepts/ReleaseNotes_6.3.2.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 0CVE-2008-7104
https://notcve.org/view.php?id=CVE-2008-7104
Sophos PureMessage Scanner service (PMScanner.exe) in PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service (message queue delay and incomplete spam rule update) via a crafted (1) RTF or (2) PDF file. Servicio Sophos PureMessage Scanner (PMScanner.exe) en PureMessage para Microsoft Exchange v3.0 anteriores a v3.0.2 que permite a los atacantes remoto causar una denegación de servicio (retraso de la cola de mensajes e incompleta actualización de las reglas de spam). • http://www.securityfocus.com/bid/30881 http://www.sophos.com/support/knowledgebase/article/44385.html https://exchange.xforce.ibmcloud.com/vulnerabilities/44775 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2008-7106
https://notcve.org/view.php?id=CVE-2008-7106
The installation of Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2, when both anti-virus and anti-spam are supported, does not create or launch the associated scan engines when the system is under heavy load, which has unspecified impact, probably remote bypass of scanner protection or a denial of service (message loss or delay). La instalación de Sophos PureMessage para Microsoft Exchange v3.0 anteriores a v3.0.2, cuando el anti-virus y anti-spam son soportados, no crea o lanza el motor asociado de escaneo cuando el sistema está bajo una cargar fuerte, que tiene un impacto no especificado, probablemente evitar remotamente la protección del escaneo o denegación de servicio (pérdida de mensaje o retraso). • http://www.sophos.com/support/knowledgebase/article/44385.html https://exchange.xforce.ibmcloud.com/vulnerabilities/52926 •
CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 0CVE-2008-7105
https://notcve.org/view.php?id=CVE-2008-7105
Sophos PureMessage for Microsoft Exchange 3.0 before 3.0.2 allows remote attackers to cause a denial of service (EdgeTransport.exe termination) via a TNEF-encoded message with a crafted rich text body that is not properly handled during conversion to plain text. NOTE: this might be related to CVE-2008-7104. PureMessage de Sophos para Microsoft Exchange versiones 3.0 anteriores a 3.0.2, permite a los atacantes remotos causar una denegación de servicio (terminación del archivo EdgeTransport.exe) por medio de un mensaje codificado TNEF con un cuerpo de texto rico diseñado que no se maneja apropiadamente durante la conversión a texto plano. NOTA: esto podría estar relacionado con CVE-2008-7104. • http://www.securityfocus.com/bid/30881 http://www.sophos.com/support/knowledgebase/article/44385.html https://exchange.xforce.ibmcloud.com/vulnerabilities/52925 •
CVSS: 5.0EPSS: 3%CPEs: 6EXPL: 0CVE-2008-3177
https://notcve.org/view.php?id=CVE-2008-3177
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments. El motor de detección de Sophos 2.75 en Linux y Unix, descubierto en Sophos Email Appliance, Pure Message para Unix y Sophos Anti-Virus Interface (SAVI), permite a los atacantes remotos provocar una denegación de servicio (caída del engine) a través del adjunto MIME de longitud cero • http://secunia.com/advisories/31037 http://www.securityfocus.com/bid/30110 http://www.securitytracker.com/id?1020462 http://www.sophos.com/support/knowledgebase/article/42245.html?_log_from=rss http://www.vupen.com/english/advisories/2008/2053/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43703 • CWE-16: Configuration •