Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2007-4578

Published: 28/08/2007 Updated: 15/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Anti-virus

Vulnerability Summary

Sophos Anti-Virus for Windows and for Unix/Linux prior to 2.48.0 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.

Vulnerable Product Search on Vulmon Subscribe to Product

sophos anti-virus 3.78

sophos anti-virus 3.78d

sophos anti-virus 3.79

sophos anti-virus 3.86

sophos anti-virus 3.90

sophos anti-virus 4.5.11

sophos anti-virus 4.5.12

sophos anti-virus 5.0.9

sophos small business suite 4.04

sophos small business suite 4.05

sophos anti-virus 3.4.6

sophos anti-virus 3.84

sophos anti-virus 3.85

sophos anti-virus 4.04

sophos anti-virus 4.05

sophos anti-virus 5.0.1

sophos anti-virus 5.0.2

sophos anti-virus 5.0.4

sophos scanning engine 2.30.4

sophos scanning engine 2.40.2

sophos anti-virus 3.82

sophos anti-virus 3.83

sophos anti-virus 3.96.0

sophos anti-virus 4.03

sophos anti-virus 4.7.1

sophos anti-virus 4.7.2

sophos anti-virus 5.2.1

sophos anti-virus 6.5

sophos anti-virus 3.80

sophos anti-virus 3.81

sophos anti-virus 3.91

sophos anti-virus 3.95

sophos anti-virus 4.5.3

sophos anti-virus 4.5.4

sophos anti-virus 5.1

sophos anti-virus 5.2

References

CWE-189http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.phphttp://www.sophos.com/support/knowledgebase/article/28407.htmlhttp://www.securityfocus.com/bid/25428http://securitytracker.com/id?1018608http://secunia.com/advisories/26580http://securityreason.com/securityalert/3072http://www.vupen.com/english/advisories/2007/2972http://www.securityfocus.com/archive/1/477882/100/0/threadedhttp://www.securityfocus.com/archive/1/477864/100/0/threadedhttp://www.securityfocus.com/archive/1/477720/100/0/threadedhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook