Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 06/08/2009 Updated: 19/08/2009

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 385

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Sophos Anti-Virus for Windows prior to 7.6.3, Anti-Virus for Windows NT/9x prior to 4.7.18, Anti-Virus for OS X prior to 4.9.18, Anti-Virus for Linux prior to 6.4.5, Anti-Virus for UNIX prior to 7.0.5, Anti-Virus for Unix and Netware prior to 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote malicious users to cause a denial of service (segmentation fault) via a "fuzzed" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sophos anti-virus 4.7.18
sophos anti-virus 4.9.18
sophos anti-virus 4.37.0
sophos anti-virus7.6.3
sophos anti-virus 6.4.5
sophos anti-virus 7.0.5

CWE-399 http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html http://www.securitytracker.com/id?1021476 http://www.vupen.com/english/advisories/2008/3458 http://www.sophos.com/support/knowledgebase/article/50611.html http://secunia.com/advisories/33177 http://www.securityfocus.com/bid/32748 http://marc.info/?l=bugtraq&m=122893252316489&w=2 http://osvdb.org/50863 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-6903

Vulnerability Summary

References

Vulmon Search

About

Products

Connect