Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security prior to 6.0.5, Anti-Virus for Linux prior to 5.0.10, and other platforms prior to 4.11, when archive scanning is enabled, allows remote malicious users to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos anti-virus 4.04 |
||
sophos anti-virus 4.05 |
||
sophos anti-virus 4.5.11 |
||
sophos endpoint security |
||
sophos anti-virus 4.7.2 |
||
sophos anti-virus 5.0.1 |
||
sophos anti-virus 5.0.2 |
||
sophos anti-virus 5.0.4 |
||
sophos anti-virus 4.5.12 |
||
sophos anti-virus 4.5.4 |
||
sophos anti-virus 5.2 |
||
sophos anti-virus 6.0.4 |
||
sophos anti-virus 4.5.3 |
||
sophos anti-virus 4.7.1 |
||
sophos anti-virus 5.1 |
||
sophos anti-virus 5.2.1 |