A vulnerability in file descriptor handling of the Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition due to the affected device unexpectedly reloading. The vulnerability is due to failure to release file descriptors when the requested file action is completed. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition due to the affected device failing to release file descriptors. When all file descriptors are in use, the device can reload unexpectedly. Cisco has confirmed the vulnerability; however, software updates are not available.