Unrated severityNVD Advisory· Published Nov 3, 2004· Updated Apr 16, 2026

CVE-2004-0552

Description

Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.

Affected products

Sophos/Small Business Suite
cpe:2.3:a:sophos:small_business_suite:*:*:*:*:*:*:*:*
Range: <=1.00

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.seifried.org/security/advisories/kssa-005.htmlnvdExploitPatchVendor Advisory
www.idefense.com/application/poi/displaynvd
exchange.xforce.ibmcloud.com/vulnerabilities/17468nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000