Sophos Anti-Virus for Windows and for Unix/Linux prior to 2.48.0 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos anti-virus 3.78 |
||
sophos anti-virus 3.78d |
||
sophos anti-virus 3.79 |
||
sophos anti-virus 3.86 |
||
sophos anti-virus 3.90 |
||
sophos anti-virus 4.5.11 |
||
sophos anti-virus 4.5.12 |
||
sophos anti-virus 5.0.9 |
||
sophos small business suite 4.04 |
||
sophos small business suite 4.05 |
||
sophos anti-virus 3.4.6 |
||
sophos anti-virus 3.84 |
||
sophos anti-virus 3.85 |
||
sophos anti-virus 4.04 |
||
sophos anti-virus 4.05 |
||
sophos anti-virus 5.0.1 |
||
sophos anti-virus 5.0.2 |
||
sophos anti-virus 5.0.4 |
||
sophos scanning engine 2.30.4 |
||
sophos scanning engine 2.40.2 |
||
sophos anti-virus 3.82 |
||
sophos anti-virus 3.83 |
||
sophos anti-virus 3.96.0 |
||
sophos anti-virus 4.03 |
||
sophos anti-virus 4.7.1 |
||
sophos anti-virus 4.7.2 |
||
sophos anti-virus 5.2.1 |
||
sophos anti-virus 6.5 |
||
sophos anti-virus 3.80 |
||
sophos anti-virus 3.81 |
||
sophos anti-virus 3.91 |
||
sophos anti-virus 3.95 |
||
sophos anti-virus 4.5.3 |
||
sophos anti-virus 4.5.4 |
||
sophos anti-virus 5.1 |
||
sophos anti-virus 5.2 |