Vulnerabilites related to sophos - anti-virus
Vulnerability from fkie_nvd
Published
2006-11-01 15:07
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 4.04 | |
| sophos | anti-virus | 4.05 | |
| sophos | anti-virus | 4.5.3 | |
| sophos | anti-virus | 4.5.4 | |
| sophos | anti-virus | 4.5.11 | |
| sophos | anti-virus | 4.5.12 | |
| sophos | anti-virus | 4.7.1 | |
| sophos | anti-virus | 4.7.2 | |
| sophos | anti-virus | 5.0.1 | |
| sophos | anti-virus | 5.0.2 | |
| sophos | anti-virus | 5.0.4 | |
| sophos | anti-virus | 5.1 | |
| sophos | anti-virus | 5.2 | |
| sophos | anti-virus | 5.2.1 | |
| sophos | anti-virus | 6.0.4 | |
| sophos | endpoint_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "799249AD-3E8A-4584-A680-A3E618B5372D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "587205B1-322E-478D-9B46-8F20F371C87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B6B5D4-E335-4377-8D98-87656522D056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED1228F-0733-42D9-853A-B1EB4EB20A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "136B6228-D71B-4985-B555-5ABC38EF2B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4518D58D-BD49-4E02-AB93-B1B45B774F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A398BC60-0F67-4A32-A6CD-F3410D81834F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D2CFB6-F135-40B5-ACF8-D6513C0AB682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B781BEA-E3D6-4260-913F-99D46DCC97D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7952D2-2FE4-44E3-B964-976964CFFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7CC4E8-C039-4895-A3EF-BF1927266744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "08FACDD3-92A8-4325-AD0D-81100BA81F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:endpoint_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39B0A565-0E33-419F-B209-7F87CB7AC702",
"versionEndIncluding": "6.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00f3n en Sophos Anti-Virus y Endpoint Security versiones anteriores a 6.0.5, Anti-Virus para Linux anteriores a 5.0.10, y otras plataformas anteriores a 4.11, cuando el escaneo de archivos est\u00e1 habilitado, permite a atacantes remotos disparar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un archivo CHM con una cabecera de descompresi\u00f3n LZX que especifica un tama\u00f1o de ventana 0."
}
],
"id": "CVE-2006-5646",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-01T15:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22591"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017132"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"source": "cve@mitre.org",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-28 18:17
Modified
2025-04-09 00:30
Severity ?
Summary
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 3.4.6 | |
| sophos | anti-virus | 3.78 | |
| sophos | anti-virus | 3.78d | |
| sophos | anti-virus | 3.79 | |
| sophos | anti-virus | 3.80 | |
| sophos | anti-virus | 3.81 | |
| sophos | anti-virus | 3.82 | |
| sophos | anti-virus | 3.83 | |
| sophos | anti-virus | 3.84 | |
| sophos | anti-virus | 3.85 | |
| sophos | anti-virus | 3.86 | |
| sophos | anti-virus | 3.90 | |
| sophos | anti-virus | 3.91 | |
| sophos | anti-virus | 3.95 | |
| sophos | anti-virus | 3.96.0 | |
| sophos | anti-virus | 4.03 | |
| sophos | anti-virus | 4.04 | |
| sophos | anti-virus | 4.05 | |
| sophos | anti-virus | 4.5.3 | |
| sophos | anti-virus | 4.5.4 | |
| sophos | anti-virus | 4.5.11 | |
| sophos | anti-virus | 4.5.12 | |
| sophos | anti-virus | 4.7.1 | |
| sophos | anti-virus | 4.7.2 | |
| sophos | anti-virus | 5.0.1 | |
| sophos | anti-virus | 5.0.2 | |
| sophos | anti-virus | 5.0.4 | |
| sophos | anti-virus | 5.0.9 | |
| sophos | anti-virus | 5.0.9 | |
| sophos | anti-virus | 5.1 | |
| sophos | anti-virus | 5.2 | |
| sophos | anti-virus | 5.2.1 | |
| sophos | anti-virus | 6.5 | |
| sophos | scanning_engine | 2.30.4 | |
| sophos | scanning_engine | 2.40.2 | |
| sophos | small_business_suite | 4.04 | |
| sophos | small_business_suite | 4.05 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E45839C3-4753-4D22-8FA7-9B0DF6C93414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF9F90F-3E38-496F-A84A-45FC60B7613E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "A27F909C-E84F-466F-BB40-D43A0570B9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "76354221-841C-443C-921A-6242BF875918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "245520DD-FDA3-4470-94C9-4A351D028BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "147AF135-4638-4015-B1C1-411611C3FC86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAAFDEA-B08E-4BA9-9333-DFDC35B00D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E27696-23CE-4ADD-9859-B0CB1DF02E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "44F9357C-2CFC-4866-8D22-E5BE48182D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "19A98770-8AF2-4B2D-9783-8E2B01D631E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "30136876-3778-4C3A-9CE3-0440588594A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*",
"matchCriteriaId": "39972E3A-B377-44DC-B16B-AA6E7ECCE29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*",
"matchCriteriaId": "58B3AE9A-2337-4225-8C1B-87933EE99E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*",
"matchCriteriaId": "C5922BAB-7DF5-4F65-AC6E-038900B79396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5816EC94-1005-4467-825A-6BB43525FE43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.03:*:linux:*:*:*:*:*",
"matchCriteriaId": "DD24F0C5-CB2B-4C67-BD0E-34A1C6358618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "799249AD-3E8A-4584-A680-A3E618B5372D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "587205B1-322E-478D-9B46-8F20F371C87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B6B5D4-E335-4377-8D98-87656522D056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED1228F-0733-42D9-853A-B1EB4EB20A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "136B6228-D71B-4985-B555-5ABC38EF2B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4518D58D-BD49-4E02-AB93-B1B45B774F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A398BC60-0F67-4A32-A6CD-F3410D81834F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D2CFB6-F135-40B5-ACF8-D6513C0AB682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B781BEA-E3D6-4260-913F-99D46DCC97D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7952D2-2FE4-44E3-B964-976964CFFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "05361082-2A61-40D9-9EEE-6ED3C032FB22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "98A094D5-C2AD-4DFE-A088-0011268BB65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7CC4E8-C039-4895-A3EF-BF1927266744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAD883-919D-4719-A964-C93F40EE658D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6A092119-BF22-4FDC-8922-4993AEAA1327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:scanning_engine:2.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E7AE52-0978-4EBB-8177-CCF792B98DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:small_business_suite:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8657D5-7DB2-428D-9125-B3BC4D5F2263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:small_business_suite:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "190B0808-8ABD-499C-8A84-7B630BB1E2E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an \"integer cast around\". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable."
},
{
"lang": "es",
"value": "Sophos Anti-Virus para Windows y para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo empaquetado con UPX manipulado, resultado de una \"conversi\u00f3n de vuelta de entero\" (integer cast around). NOTA: a fecha de 28/08/2007, el fabricante dice que esto es una denegaci\u00f3n de servicio y el investigador dice que permite ejecuci\u00f3n de c\u00f3digo, pero el investigador es fiable."
}
],
"id": "CVE-2007-4578",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-28T18:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26580"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3072"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018608"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/477720/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/477864/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/477882/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/477720/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/477864/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/477882/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2972"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-06 01:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 4.7.18 | |
| sophos | anti-virus | 4.7.18 | |
| sophos | anti-virus | 4.9.18 | |
| sophos | anti-virus | 4.37.0 | |
| sophos | anti-virus | 6.4.5 | |
| sophos | anti-virus | 7.0.5 | |
| sophos | anti-virus7.6.3 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows-nt:*:*:*:*:*",
"matchCriteriaId": "F1BEF5DD-8418-4C76-9351-ACD3ED25236E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows_9x:*:*:*:*:*",
"matchCriteriaId": "A15CB3E6-A97F-491B-B27E-E4AF255E0088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.9.18:*:os_x:*:*:*:*:*",
"matchCriteriaId": "E61D3204-DE1E-489E-9624-DD02F1B58F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.37.0:*:netware:*:*:*:*:*",
"matchCriteriaId": "77FF9B2E-2A38-4A13-AA20-83081A5D9AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.4.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "550B1595-4C9F-412C-B903-DDD8202C1F4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.0.5:*:unix:*:*:*:*:*",
"matchCriteriaId": "52F3B857-84EC-4FB8-A332-B7B81BCEB28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus7.6.3:*:windows:*:*:*:*:*:*",
"matchCriteriaId": "98EFEFC0-92AC-43A6-A072-B6AD2D4B0984",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Sophos SAVScan v4.33.0 de Linux, y probablemente otros productos y versiones, permiten a atacantes remotos causar una denegaci\u00f3n de servicio (falta de segmentaci\u00f3n) y probablemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de archivos manipulados que han sido empaquetados con (1)armadillo, (2) asprotect, o (3) asprotectSKE."
}
],
"id": "CVE-2008-6904",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-06T01:30:00.217",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32748"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52443"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-30 00:10
Modified
2025-04-09 00:30
Severity ?
Summary
Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 7.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3605FC9-61B9-489D-863C-5248D71BCF62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function."
},
{
"lang": "es",
"value": "Sophos Anti-Virus 7.0.5 y otras versiones 7.x, cuando est\u00e1 habilitado Runtime Behavioural Analysis, permite a usuarios locales provocar una denegaci\u00f3n de servicio (reinicio con el producto deshabilitado) y posiblemente obtener privilegios mediante un valor zero en cierto campo length en el argumento ObjectAttributes a la funci\u00f3n NtCreateKey hooked System Service Descriptor Table (SSDT)."
}
],
"id": "CVE-2008-1737",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-30T00:10:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29996"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3838"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019945"
},
{
"source": "cve@mitre.org",
"url": "http://www.coresecurity.com/?action=item\u0026id=2249"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491405/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28743"
},
{
"source": "cve@mitre.org",
"url": "http://www.sophos.com/support/knowledgebase/article/37810.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1381"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.coresecurity.com/?action=item\u0026id=2249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491405/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sophos.com/support/knowledgebase/article/37810.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42083"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-01 15:07
Modified
2025-04-09 00:30
Severity ?
Summary
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 4.04 | |
| sophos | anti-virus | 4.05 | |
| sophos | anti-virus | 4.5.3 | |
| sophos | anti-virus | 4.5.4 | |
| sophos | anti-virus | 4.5.11 | |
| sophos | anti-virus | 4.5.12 | |
| sophos | anti-virus | 4.7.1 | |
| sophos | anti-virus | 4.7.2 | |
| sophos | anti-virus | 5.0.1 | |
| sophos | anti-virus | 5.0.2 | |
| sophos | anti-virus | 5.0.4 | |
| sophos | anti-virus | 5.1 | |
| sophos | anti-virus | 5.2 | |
| sophos | anti-virus | 5.2.1 | |
| sophos | anti-virus | 6.0.4 | |
| sophos | endpoint_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "799249AD-3E8A-4584-A680-A3E618B5372D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "587205B1-322E-478D-9B46-8F20F371C87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B6B5D4-E335-4377-8D98-87656522D056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED1228F-0733-42D9-853A-B1EB4EB20A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "136B6228-D71B-4985-B555-5ABC38EF2B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4518D58D-BD49-4E02-AB93-B1B45B774F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A398BC60-0F67-4A32-A6CD-F3410D81834F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D2CFB6-F135-40B5-ACF8-D6513C0AB682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B781BEA-E3D6-4260-913F-99D46DCC97D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7952D2-2FE4-44E3-B964-976964CFFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7CC4E8-C039-4895-A3EF-BF1927266744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "08FACDD3-92A8-4325-AD0D-81100BA81F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:endpoint_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39B0A565-0E33-419F-B209-7F87CB7AC702",
"versionEndIncluding": "6.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka \"CHM name length memory consumption vulnerability.\""
},
{
"lang": "es",
"value": "Sophos Anti-Virus y Endpoint Security versiones anteriores a 6.0.5, Anti-Virus para Linux anteriores a 5.0.10, y otras plataformas anteriores a 4.11 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n o agotamiento de memoria) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero CHM mal formado con manipulaciones concretas del segmento de cabecera CHM, tambi\u00e9n conocido como \"vulnerabilidad de agotamiento de memoria en longitud de nombre CHM\".\r\n"
}
],
"id": "CVE-2006-5647",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-01T15:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=451"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22591"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017132"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"source": "cve@mitre.org",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-11-01 15:07
Modified
2025-04-09 00:30
Severity ?
Summary
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 4.04 | |
| sophos | anti-virus | 4.05 | |
| sophos | anti-virus | 4.5.3 | |
| sophos | anti-virus | 4.5.4 | |
| sophos | anti-virus | 4.5.11 | |
| sophos | anti-virus | 4.5.12 | |
| sophos | anti-virus | 4.7.1 | |
| sophos | anti-virus | 4.7.2 | |
| sophos | anti-virus | 5.0.1 | |
| sophos | anti-virus | 5.0.2 | |
| sophos | anti-virus | 5.0.4 | |
| sophos | anti-virus | 5.1 | |
| sophos | anti-virus | 5.2 | |
| sophos | anti-virus | 5.2.1 | |
| sophos | anti-virus | 6.0.4 | |
| sophos | endpoint_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "799249AD-3E8A-4584-A680-A3E618B5372D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "587205B1-322E-478D-9B46-8F20F371C87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B6B5D4-E335-4377-8D98-87656522D056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED1228F-0733-42D9-853A-B1EB4EB20A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "136B6228-D71B-4985-B555-5ABC38EF2B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4518D58D-BD49-4E02-AB93-B1B45B774F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A398BC60-0F67-4A32-A6CD-F3410D81834F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D2CFB6-F135-40B5-ACF8-D6513C0AB682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B781BEA-E3D6-4260-913F-99D46DCC97D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7952D2-2FE4-44E3-B964-976964CFFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7CC4E8-C039-4895-A3EF-BF1927266744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "08FACDD3-92A8-4325-AD0D-81100BA81F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:endpoint_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39B0A565-0E33-419F-B209-7F87CB7AC702",
"versionEndIncluding": "6.04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when \"Enabled scanning of archives\" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero."
},
{
"lang": "es",
"value": "Sophos Anti-Virus y Endpoint Security anteriores a 6.0.5, Anti-virus para Linux 5.0.10, y otras plataformas en versiones anteriores a la 4.11, permite a atacantes remotos causar denegaci\u00f3n de servicio (bucle infinito) mediante un fichero RAR mal formado con una secci\u00f3n de Cabecera de Archivo con los campos head_size y pack_size puestos a cero."
}
],
"id": "CVE-2006-5645",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-01T15:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22591"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017132"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018450"
},
{
"source": "cve@mitre.org",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-06 00:30
Modified
2025-04-09 00:30
Severity ?
Summary
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a "fuzzed" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 4.7.18 | |
| sophos | anti-virus | 4.7.18 | |
| sophos | anti-virus | 4.9.18 | |
| sophos | anti-virus | 4.37.0 | |
| sophos | anti-virus | 6.4.5 | |
| sophos | anti-virus | 7.0.5 | |
| sophos | anti-virus7.6.3 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows-nt:*:*:*:*:*",
"matchCriteriaId": "F1BEF5DD-8418-4C76-9351-ACD3ED25236E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows_9x:*:*:*:*:*",
"matchCriteriaId": "A15CB3E6-A97F-491B-B27E-E4AF255E0088",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.9.18:*:os_x:*:*:*:*:*",
"matchCriteriaId": "E61D3204-DE1E-489E-9624-DD02F1B58F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.37.0:*:netware:*:*:*:*:*",
"matchCriteriaId": "77FF9B2E-2A38-4A13-AA20-83081A5D9AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.4.5:*:linux:*:*:*:*:*",
"matchCriteriaId": "550B1595-4C9F-412C-B903-DDD8202C1F4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.0.5:*:unix:*:*:*:*:*",
"matchCriteriaId": "52F3B857-84EC-4FB8-A332-B7B81BCEB28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus7.6.3:*:windows:*:*:*:*:*:*",
"matchCriteriaId": "98EFEFC0-92AC-43A6-A072-B6AD2D4B0984",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a \"fuzzed\" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats."
},
{
"lang": "es",
"value": "Sophos Anti-Virus para Windows anteriores a v7.6.3, Anti-Virus para Windows NT/9x anteriores a v.4.7.18, Anti-Virus para OS X anteriores a v.4.9.18, Anti-Virus para Linux anteriores a v.6.4.5, Anti-Virus para UNIX anteriores a v7.0.5, Anti-Virus para Unix y Netware anteriores a v.4.37.0, Sophos EM Library, y Sophos small business solutions, cuando el archivo escaneado CAB est\u00e1 activo, permite a atacantes remotos causar una denegaci\u00f3n de servicio (falta de segmentaci\u00f3n) a trav\u00e9s del fichero \"fuzzed\" CAB, como se ha demostrado mediante la suite para el testeo de formatos de archivo PROTOS GENOME."
}
],
"id": "CVE-2008-6903",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-06T00:30:00.297",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50863"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33177"
},
{
"source": "cve@mitre.org",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32748"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1021476"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1021476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/3458"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-22 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:linux_kernel:*:*",
"matchCriteriaId": "EE16A914-C7EC-4164-A693-59EA5958BC7F",
"versionEndIncluding": "9.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en la interfaz de usuario web en Sophos Anti-Virus para Linux anterior a 9.6.1 permiten a usuarios locales inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems o (3) newListList:ExcludeMountPaths en exclusion/configure o el par\u00e1metro (4) text:EmailServer o (5) newListList:Email en notification/configure."
}
],
"id": "CVE-2014-2385",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-07-22T14:55:08.833",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/127228/Sophos-Antivirus-9.5.1-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/126"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/532558/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1030467"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/121135.aspx"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/127228/Sophos-Antivirus-9.5.1-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/532558/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/121135.aspx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-10 17:17
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | * | |
| sophos | anti-virus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8AC8FFF-FAAA-499B-85E9-0A17C6A81C53",
"versionEndIncluding": "6.5.4_r2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D064580-D2D5-410D-BD1C-31173C4A9898",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site scripting (XSS) en Sophos Anti-Virus para Windows versiones 6.x anteriores a 6.5.8 y versiones 7.x anteriores a 7.0.1, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de un registro con un archivo que coincide con una firma de virus y tiene un nombre de archivo dise\u00f1ado que no es manejado apropiadamente mediante la funci\u00f3n print en el archivo SavMain.exe."
}
],
"id": "CVE-2007-4512",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-09-10T17:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37527"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26714"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3107"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/478708/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25572"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.sophos.com/support/knowledgebase/article/29150.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3077"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/478708/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.sophos.com/support/knowledgebase/article/29150.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36478"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-08-28 18:17
Modified
2025-04-09 00:30
Severity ?
Summary
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 3.4.6 | |
| sophos | anti-virus | 3.78 | |
| sophos | anti-virus | 3.78d | |
| sophos | anti-virus | 3.79 | |
| sophos | anti-virus | 3.80 | |
| sophos | anti-virus | 3.81 | |
| sophos | anti-virus | 3.82 | |
| sophos | anti-virus | 3.83 | |
| sophos | anti-virus | 3.84 | |
| sophos | anti-virus | 3.85 | |
| sophos | anti-virus | 3.86 | |
| sophos | anti-virus | 3.90 | |
| sophos | anti-virus | 3.91 | |
| sophos | anti-virus | 3.95 | |
| sophos | anti-virus | 3.96.0 | |
| sophos | anti-virus | 4.03 | |
| sophos | anti-virus | 4.04 | |
| sophos | anti-virus | 4.05 | |
| sophos | anti-virus | 4.5.3 | |
| sophos | anti-virus | 4.5.4 | |
| sophos | anti-virus | 4.5.11 | |
| sophos | anti-virus | 4.5.12 | |
| sophos | anti-virus | 4.7.1 | |
| sophos | anti-virus | 4.7.2 | |
| sophos | anti-virus | 5.0.1 | |
| sophos | anti-virus | 5.0.2 | |
| sophos | anti-virus | 5.0.4 | |
| sophos | anti-virus | 5.0.9 | |
| sophos | anti-virus | 5.0.9 | |
| sophos | anti-virus | 5.1 | |
| sophos | anti-virus | 5.2 | |
| sophos | anti-virus | 5.2.1 | |
| sophos | anti-virus | 6.5 | |
| sophos | scanning_engine | 2.30.4 | |
| sophos | scanning_engine | 2.40.2 | |
| sophos | small_business_suite | 4.04 | |
| sophos | small_business_suite | 4.05 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E45839C3-4753-4D22-8FA7-9B0DF6C93414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF9F90F-3E38-496F-A84A-45FC60B7613E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "A27F909C-E84F-466F-BB40-D43A0570B9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "76354221-841C-443C-921A-6242BF875918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "245520DD-FDA3-4470-94C9-4A351D028BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "147AF135-4638-4015-B1C1-411611C3FC86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAAFDEA-B08E-4BA9-9333-DFDC35B00D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E27696-23CE-4ADD-9859-B0CB1DF02E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "44F9357C-2CFC-4866-8D22-E5BE48182D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "19A98770-8AF2-4B2D-9783-8E2B01D631E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "30136876-3778-4C3A-9CE3-0440588594A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*",
"matchCriteriaId": "39972E3A-B377-44DC-B16B-AA6E7ECCE29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*",
"matchCriteriaId": "58B3AE9A-2337-4225-8C1B-87933EE99E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*",
"matchCriteriaId": "C5922BAB-7DF5-4F65-AC6E-038900B79396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5816EC94-1005-4467-825A-6BB43525FE43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.03:*:linux:*:*:*:*:*",
"matchCriteriaId": "DD24F0C5-CB2B-4C67-BD0E-34A1C6358618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "799249AD-3E8A-4584-A680-A3E618B5372D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "587205B1-322E-478D-9B46-8F20F371C87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B6B5D4-E335-4377-8D98-87656522D056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED1228F-0733-42D9-853A-B1EB4EB20A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "136B6228-D71B-4985-B555-5ABC38EF2B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4518D58D-BD49-4E02-AB93-B1B45B774F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A398BC60-0F67-4A32-A6CD-F3410D81834F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D2CFB6-F135-40B5-ACF8-D6513C0AB682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B781BEA-E3D6-4260-913F-99D46DCC97D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7952D2-2FE4-44E3-B964-976964CFFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "05361082-2A61-40D9-9EEE-6ED3C032FB22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.9:*:linux:*:*:*:*:*",
"matchCriteriaId": "98A094D5-C2AD-4DFE-A088-0011268BB65C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7CC4E8-C039-4895-A3EF-BF1927266744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAD883-919D-4719-A964-C93F40EE658D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6A092119-BF22-4FDC-8922-4993AEAA1327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:scanning_engine:2.40.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E7AE52-0978-4EBB-8177-CCF792B98DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:small_business_suite:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "9B8657D5-7DB2-428D-9125-B3BC4D5F2263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:small_business_suite:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "190B0808-8ABD-499C-8A84-7B630BB1E2E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a \"BZip bomb\")."
},
{
"lang": "es",
"value": "Sophos Anti-Virus para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) mediante un archivo BZip mal formado que resulta en la creaci\u00f3n de m\u00faltiples ficheros Engine temporales (tambi\u00e9n conocida como \"bomba BZip\")."
}
],
"id": "CVE-2007-4577",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-28T18:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26580"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3073"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018608"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25428"
},
{
"source": "cve@mitre.org",
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26580"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2972"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-12 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | anti-virus | 4.33.0 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41F2865A-0D90-4E78-B2C7-9F6CF13A986E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
},
{
"lang": "es",
"value": "Sophos Anti-Virus v4.33.0, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detecci\u00f3n de malware en un documento HTML colocando una cabecera MZ (alias \"EXE info\") al principio, y modificar el nombre del archivo a (1 ) sin extensi\u00f3n, (2) una extensi\u00f3n. txt, o (3) una extensi\u00f3n .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745."
}
],
"id": "CVE-2008-5541",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-12T18:30:03.077",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-16 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20367487-5266-4F79-85CF-DF024D23D115",
"versionEndIncluding": "7.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E45839C3-4753-4D22-8FA7-9B0DF6C93414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "8DF9F90F-3E38-496F-A84A-45FC60B7613E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "A27F909C-E84F-466F-BB40-D43A0570B9C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "76354221-841C-443C-921A-6242BF875918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "245520DD-FDA3-4470-94C9-4A351D028BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "147AF135-4638-4015-B1C1-411611C3FC86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAAFDEA-B08E-4BA9-9333-DFDC35B00D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "C4E27696-23CE-4ADD-9859-B0CB1DF02E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "44F9357C-2CFC-4866-8D22-E5BE48182D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "19A98770-8AF2-4B2D-9783-8E2B01D631E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "30136876-3778-4C3A-9CE3-0440588594A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*",
"matchCriteriaId": "39972E3A-B377-44DC-B16B-AA6E7ECCE29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*",
"matchCriteriaId": "58B3AE9A-2337-4225-8C1B-87933EE99E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*",
"matchCriteriaId": "C5922BAB-7DF5-4F65-AC6E-038900B79396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5816EC94-1005-4467-825A-6BB43525FE43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.03:*:*:*:*:*:*:*",
"matchCriteriaId": "20E8CC2D-5BC8-4EDA-BC52-922B8D280E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "799249AD-3E8A-4584-A680-A3E618B5372D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "587205B1-322E-478D-9B46-8F20F371C87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B6B5D4-E335-4377-8D98-87656522D056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED1228F-0733-42D9-853A-B1EB4EB20A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "136B6228-D71B-4985-B555-5ABC38EF2B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4518D58D-BD49-4E02-AB93-B1B45B774F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A398BC60-0F67-4A32-A6CD-F3410D81834F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:4.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41F2865A-0D90-4E78-B2C7-9F6CF13A986E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55D2CFB6-F135-40B5-ACF8-D6513C0AB682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B781BEA-E3D6-4260-913F-99D46DCC97D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4D7952D2-2FE4-44E3-B964-976964CFFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "05361082-2A61-40D9-9EEE-6ED3C032FB22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7CC4E8-C039-4895-A3EF-BF1927266744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "08FACDD3-92A8-4325-AD0D-81100BA81F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAD883-919D-4719-A964-C93F40EE658D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1678D2A7-32D6-4A9E-884C-5850A4BC273D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E3605FC9-61B9-489D-863C-5248D71BCF62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F977E43C-B6C7-4C87-A619-1B0B95D40E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4D959321-4D57-44FE-A15E-7C5D443EA588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "275D6900-9868-478A-B159-B04883AD3992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7B7B3DF7-D255-4B43-BFA7-BA18C7CD2213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8F6D123E-EE26-40DF-B958-E86E0957A8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:anti-virus:7.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5233DBFD-0BEC-4315-9F42-7F6F7B6F8C18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el controlador de filtrado (savonaccessfilter.sys) en Sophos Anti-Virus anterior a v7.6.20, permite a usuarios locales elevar sus privilegios a trav\u00e9s de argumentos manipulados en la funci\u00f3n NtQueryAttributesFile."
}
],
"id": "CVE-2010-2308",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-06-16T20:30:02.747",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40085"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024089"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1412"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-6903 (GCVE-0-2008-6903)
Vulnerability from cvelistv5
Published
2009-08-06 00:00
Modified
2024-08-07 11:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a "fuzzed" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"name": "33177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33177"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"name": "1021476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"name": "20081210 [IVIZ-08-015] Sophos Antivirus for Linux vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"name": "ADV-2008-3458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3458"
},
{
"name": "50863",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50863"
},
{
"name": "32748",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32748"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a \"fuzzed\" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-08-19T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"name": "33177",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33177"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"name": "1021476",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"name": "20081210 [IVIZ-08-015] Sophos Antivirus for Linux vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"name": "ADV-2008-3458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3458"
},
{
"name": "50863",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50863"
},
{
"name": "32748",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32748"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a \"fuzzed\" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"name": "33177",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33177"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/50611.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"name": "1021476",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021476"
},
{
"name": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html",
"refsource": "MISC",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"name": "20081210 [IVIZ-08-015] Sophos Antivirus for Linux vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"name": "ADV-2008-3458",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3458"
},
{
"name": "50863",
"refsource": "OSVDB",
"url": "http://osvdb.org/50863"
},
{
"name": "32748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32748"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6903",
"datePublished": "2009-08-06T00:00:00",
"dateReserved": "2009-08-05T00:00:00",
"dateUpdated": "2024-08-07T11:49:02.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4512 (GCVE-0-2007-4512)
Vulnerability from cvelistv5
Published
2007-09-10 17:00
Modified
2024-08-07 15:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3107",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3107"
},
{
"name": "ADV-2007-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3077"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/29150.html"
},
{
"name": "37527",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37527"
},
{
"name": "26714",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26714"
},
{
"name": "sophos-zip-xss(36478)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36478"
},
{
"name": "20070906 Sophos Anti-Virus 6.5.4 Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/478708/100/0/threaded"
},
{
"name": "25572",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25572"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3107",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3107"
},
{
"name": "ADV-2007-3077",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3077"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/29150.html"
},
{
"name": "37527",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37527"
},
{
"name": "26714",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26714"
},
{
"name": "sophos-zip-xss(36478)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36478"
},
{
"name": "20070906 Sophos Anti-Virus 6.5.4 Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/478708/100/0/threaded"
},
{
"name": "25572",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25572"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3107",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3107"
},
{
"name": "ADV-2007-3077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3077"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/29150.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/29150.html"
},
{
"name": "37527",
"refsource": "OSVDB",
"url": "http://osvdb.org/37527"
},
{
"name": "26714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26714"
},
{
"name": "sophos-zip-xss(36478)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36478"
},
{
"name": "20070906 Sophos Anti-Virus 6.5.4 Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/478708/100/0/threaded"
},
{
"name": "25572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25572"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4512",
"datePublished": "2007-09-10T17:00:00",
"dateReserved": "2007-08-23T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4578 (GCVE-0-2007-4578)
Vulnerability from cvelistv5
Published
2007-08-28 18:00
Modified
2024-08-07 15:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2972",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php"
},
{
"name": "25428",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26580"
},
{
"name": "20070827 Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477864/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "3072",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3072"
},
{
"name": "20070827 RE: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477882/100/0/threaded"
},
{
"name": "20070824 n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477720/100/0/threaded"
},
{
"name": "1018608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018608"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an \"integer cast around\". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2972",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php"
},
{
"name": "25428",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26580"
},
{
"name": "20070827 Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477864/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "3072",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3072"
},
{
"name": "20070827 RE: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477882/100/0/threaded"
},
{
"name": "20070824 n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477720/100/0/threaded"
},
{
"name": "1018608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018608"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an \"integer cast around\". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2972",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"name": "http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php"
},
{
"name": "25428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26580"
},
{
"name": "20070827 Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477864/100/0/threaded"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/28407.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "3072",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3072"
},
{
"name": "20070827 RE: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477882/100/0/threaded"
},
{
"name": "20070824 n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477720/100/0/threaded"
},
{
"name": "1018608",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018608"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4578",
"datePublished": "2007-08-28T18:00:00",
"dateReserved": "2007-08-28T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1737 (GCVE-0-2008-1737)
Vulnerability from cvelistv5
Published
2008-04-29 23:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29996"
},
{
"name": "28743",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28743"
},
{
"name": "3838",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3838"
},
{
"name": "ADV-2008-1381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1381"
},
{
"name": "sophos-ssdt-dos(42083)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42083"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/?action=item\u0026id=2249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/37810.html"
},
{
"name": "20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491405/100/0/threaded"
},
{
"name": "1019945",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29996"
},
{
"name": "28743",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28743"
},
{
"name": "3838",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3838"
},
{
"name": "ADV-2008-1381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1381"
},
{
"name": "sophos-ssdt-dos(42083)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42083"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/?action=item\u0026id=2249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/37810.html"
},
{
"name": "20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491405/100/0/threaded"
},
{
"name": "1019945",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019945"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29996"
},
{
"name": "28743",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28743"
},
{
"name": "3838",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3838"
},
{
"name": "ADV-2008-1381",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1381"
},
{
"name": "sophos-ssdt-dos(42083)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42083"
},
{
"name": "http://www.coresecurity.com/?action=item\u0026id=2249",
"refsource": "MISC",
"url": "http://www.coresecurity.com/?action=item\u0026id=2249"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/37810.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/37810.html"
},
{
"name": "20080428 CORE-2008-0320 - Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491405/100/0/threaded"
},
{
"name": "1019945",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019945"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1737",
"datePublished": "2008-04-29T23:00:00",
"dateReserved": "2008-04-11T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5646 (GCVE-0-2006-5646)
Vulnerability from cvelistv5
Published
2006-11-01 15:00
Modified
2024-08-07 19:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20061208 Sophos Antivirus CHM File Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452"
},
{
"name": "20816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "22591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22591"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20061208 Sophos Antivirus CHM File Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452"
},
{
"name": "20816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "22591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22591"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.sophos.com/support/knowledgebase/article/7609.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20061208 Sophos Antivirus CHM File Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452"
},
{
"name": "20816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "22591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22591"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5646",
"datePublished": "2006-11-01T15:00:00",
"dateReserved": "2006-11-01T00:00:00",
"dateUpdated": "2024-08-07T19:55:54.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5541 (GCVE-0-2008-5541)
Vulnerability from cvelistv5
Published
2008-12-12 18:13
Modified
2024-08-07 10:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:46.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5541",
"datePublished": "2008-12-12T18:13:00",
"dateReserved": "2008-12-12T00:00:00",
"dateUpdated": "2024-08-07T10:56:46.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5647 (GCVE-0-2006-5647)
Vulnerability from cvelistv5
Published
2006-11-01 15:00
Modified
2024-08-07 19:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "20061208 Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=451"
},
{
"name": "22591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22591"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka \"CHM name length memory consumption vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-12-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "20061208 Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=451"
},
{
"name": "22591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22591"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka \"CHM name length memory consumption vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.sophos.com/support/knowledgebase/article/7609.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "20061208 Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=451"
},
{
"name": "22591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22591"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5647",
"datePublished": "2006-11-01T15:00:00",
"dateReserved": "2006-11-01T00:00:00",
"dateUpdated": "2024-08-07T19:55:53.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4577 (GCVE-0-2007-4577)
Vulnerability from cvelistv5
Published
2007-08-28 18:00
Modified
2024-08-07 15:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2972",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"name": "25428",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26580"
},
{
"name": "3073",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "20070824 n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"name": "1018608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018608"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a \"BZip bomb\")."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2972",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"name": "25428",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26580"
},
{
"name": "3073",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "20070824 n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"name": "1018608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018608"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a \"BZip bomb\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2972",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"name": "25428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26580"
},
{
"name": "3073",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3073"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/28407.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "20070824 n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"name": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"name": "1018608",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018608"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4577",
"datePublished": "2007-08-28T18:00:00",
"dateReserved": "2007-08-28T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2308 (GCVE-0-2010-2308)
Vulnerability from cvelistv5
Published
2010-06-16 20:00
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:32:15.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40085"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
},
{
"name": "20100609 TPTI-10-03: Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
},
{
"name": "1024089",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024089"
},
{
"name": "ADV-2010-1412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "40085",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40085"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
},
{
"name": "20100609 TPTI-10-03: Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
},
{
"name": "1024089",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024089"
},
{
"name": "ADV-2010-1412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40085"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-03"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/111126.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/111126.html"
},
{
"name": "20100609 TPTI-10-03: Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511773/100/0/threaded"
},
{
"name": "1024089",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024089"
},
{
"name": "ADV-2010-1412",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2308",
"datePublished": "2010-06-16T20:00:00",
"dateReserved": "2010-06-16T00:00:00",
"dateUpdated": "2024-08-07T02:32:15.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5645 (GCVE-0-2006-5645)
Vulnerability from cvelistv5
Published
2006-11-01 15:00
Modified
2024-08-07 19:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:54.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1018450",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018450"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20816",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"name": "22591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22591"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when \"Enabled scanning of archives\" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1018450",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018450"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20816",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"name": "22591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22591"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when \"Enabled scanning of archives\" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018450",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018450"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/7609.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
},
{
"name": "1017132",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017132"
},
{
"name": "ADV-2006-4239",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4239"
},
{
"name": "20816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20816"
},
{
"name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"name": "22591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22591"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5645",
"datePublished": "2006-11-01T15:00:00",
"dateReserved": "2006-11-01T00:00:00",
"dateUpdated": "2024-08-07T19:55:54.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2385 (GCVE-0-2014-2385)
Vulnerability from cvelistv5
Published
2014-07-22 14:00
Modified
2024-08-06 10:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:25.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140625 CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532558/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127228/Sophos-Antivirus-9.5.1-Cross-Site-Scripting.html"
},
{
"name": "20140625 CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/126"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/121135.aspx"
},
{
"name": "1030467",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030467"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20140625 CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532558/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127228/Sophos-Antivirus-9.5.1-Cross-Site-Scripting.html"
},
{
"name": "20140625 CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/126"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/en-us/support/knowledgebase/121135.aspx"
},
{
"name": "1030467",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030467"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) newListList:Email parameter to notification/configure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140625 CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532558/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/127228/Sophos-Antivirus-9.5.1-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127228/Sophos-Antivirus-9.5.1-Cross-Site-Scripting.html"
},
{
"name": "20140625 CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jun/126"
},
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2385/"
},
{
"name": "http://www.sophos.com/en-us/support/knowledgebase/121135.aspx",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/en-us/support/knowledgebase/121135.aspx"
},
{
"name": "1030467",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030467"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2385",
"datePublished": "2014-07-22T14:00:00",
"dateReserved": "2014-03-13T00:00:00",
"dateUpdated": "2024-08-06T10:14:25.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6904 (GCVE-0-2008-6904)
Vulnerability from cvelistv5
Published
2009-08-06 01:00
Modified
2024-08-07 11:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "savscan-armadillo-code-execution(52443)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52443"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"name": "20081210 [IVIZ-08-015] Sophos Antivirus for Linux vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"name": "32748",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32748"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "savscan-armadillo-code-execution(52443)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52443"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"name": "20081210 [IVIZ-08-015] Sophos Antivirus for Linux vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"name": "32748",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32748"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "savscan-armadillo-code-execution(52443)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52443"
},
{
"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/50611.html",
"refsource": "MISC",
"url": "http://www.sophos.com/support/knowledgebase/article/50611.html"
},
{
"name": "20081210 [IVIZ-08-015] Sophos Antivirus for Linux vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=122893252316489\u0026w=2"
},
{
"name": "32748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32748"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6904",
"datePublished": "2009-08-06T01:00:00",
"dateReserved": "2009-08-05T00:00:00",
"dateUpdated": "2024-08-07T11:49:02.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}