CVE-2007-4578
https://notcve.org/view.php?id=CVE-2007-4578
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable. Sophos Anti-Virus para Windows y para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un archivo empaquetado con UPX manipulado, resultado de una "conversión de vuelta de entero" (integer cast around). NOTA: a fecha de 28/08/2007, el fabricante dice que esto es una denegación de servicio y el investigador dice que permite ejecución de código, pero el investigador es fiable. • http://secunia.com/advisories/26580 http://securityreason.com/securityalert/3072 http://securitytracker.com/id?1018608 http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php http://www.securityfocus.com/archive/1/477720/100/0/threaded http://www.securityfocus.com/archive/1/477864/100/0/threaded http://www.securityfocus.com/archive/1/477882/100/0/threaded http://www.securityfocus.com/bid/25428 http://www.sophos.com/support/knowledgebase/article/28407.html http:/& • CWE-189: Numeric Errors •
CVE-2005-2768
https://notcve.org/view.php?id=CVE-2005-2768
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length. • http://marc.info/?l=bugtraq&m=112511873420953&w=2 http://secunia.com/advisories/16245 http://www.rem0te.com/public/images/sophos.pdf http://www.securityfocus.com/bid/14362 http://www.sophos.com/support/knowledgebase/article/3409.html https://exchange.xforce.ibmcloud.com/vulnerabilities/21608 •
CVE-2005-1530
https://notcve.org/view.php?id=CVE-2005-1530
Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value. Sophos Anti-Virus 5.0.1, con "Scan inside archive files" habilitado permite que atacantes remotos causen una denegación de servicio (agotamiento de CPU por bucle infinito) mediante un archivo Bzip2 con un valor largo en "Extra field length". • http://securitytracker.com/id?1014488 http://www.idefense.com/application/poi/display?id=283&type=vulnerabilities&flashstatus=true http://www.securityfocus.com/bid/14270 https://exchange.xforce.ibmcloud.com/vulnerabilities/21373 •