Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x prior to 5.2.1 and 4.x prior to 4.05, when cabinet file inspection is enabled, allows remote malicious users to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos sophos anti-virus |