Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15191
http://www.sophos.com/support/news/#mime-378
http://www.securityfocus.com/bid/9648