Sophos Anti-Virus for Unix/Linux prior to 2.48.0 allows remote malicious users to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
sophos anti-virus 3.78d |
||
sophos anti-virus 3.79 |
||
sophos anti-virus 3.86 |
||
sophos anti-virus 3.90 |
||
sophos anti-virus 4.5.12 |
||
sophos anti-virus 4.5.3 |
||
sophos anti-virus 5.0.9 |
||
sophos small business suite 4.04 |
||
sophos small business suite 4.05 |
||
sophos anti-virus 3.82 |
||
sophos anti-virus 3.83 |
||
sophos anti-virus 3.96.0 |
||
sophos anti-virus 4.03 |
||
sophos anti-virus 4.7.2 |
||
sophos anti-virus 5.0.1 |
||
sophos anti-virus 5.2.1 |
||
sophos anti-virus 6.5 |
||
sophos anti-virus 3.80 |
||
sophos anti-virus 3.81 |
||
sophos anti-virus 3.91 |
||
sophos anti-virus 3.95 |
||
sophos anti-virus 4.5.4 |
||
sophos anti-virus 4.7.1 |
||
sophos anti-virus 5.1 |
||
sophos anti-virus 5.2 |
||
sophos anti-virus 3.4.6 |
||
sophos anti-virus 3.78 |
||
sophos anti-virus 3.84 |
||
sophos anti-virus 3.85 |
||
sophos anti-virus 4.04 |
||
sophos anti-virus 4.05 |
||
sophos anti-virus 4.5.11 |
||
sophos anti-virus 5.0.2 |
||
sophos anti-virus 5.0.4 |
||
sophos scanning engine 2.30.4 |
||
sophos scanning engine 2.40.2 |
Vulmon