NotCVE - vendor:"Sophos" product:"Anti-virus" version:"5.0.2"

Page 4 of 21 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2007-4512

https://notcve.org/view.php?id=CVE-2007-4512

Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe. Una vulnerabilidad de tipo cross-site scripting (XSS) en Sophos Anti-Virus para Windows versiones 6.x anteriores a 6.5.8 y versiones 7.x anteriores a 7.0.1, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de un registro con un archivo que coincide con una firma de virus y tiene un nombre de archivo diseñado que no es manejado apropiadamente mediante la función print en el archivo SavMain.exe. • http://osvdb.org/37527 http://secunia.com/advisories/26714 http://securityreason.com/securityalert/3107 http://www.securityfocus.com/archive/1/478708/100/0/threaded http://www.securityfocus.com/bid/25572 http://www.sophos.com/support/knowledgebase/article/29150.html http://www.vupen.com/english/advisories/2007/3077 https://exchange.xforce.ibmcloud.com/vulnerabilities/36478 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 4%CPEs: 37EXPL: 0

CVE-2007-4577

https://notcve.org/view.php?id=CVE-2007-4577

Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb"). Sophos Anti-Virus para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un archivo BZip mal formado que resulta en la creación de múltiples ficheros Engine temporales (también conocida como "bomba BZip"). • http://secunia.com/advisories/26580 http://securityreason.com/securityalert/3073 http://securitytracker.com/id?1018608 http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php http://www.securityfocus.com/archive/1/477727/100/0/threaded http://www.securityfocus.com/bid/25428 http://www.sophos.com/support/knowledgebase/article/28407.html http://www.vupen.com/english/advisories/2007/2972 • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 10%CPEs: 37EXPL: 0

CVE-2007-4578

https://notcve.org/view.php?id=CVE-2007-4578

Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable. Sophos Anti-Virus para Windows y para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un archivo empaquetado con UPX manipulado, resultado de una "conversión de vuelta de entero" (integer cast around). NOTA: a fecha de 28/08/2007, el fabricante dice que esto es una denegación de servicio y el investigador dice que permite ejecución de código, pero el investigador es fiable. • http://secunia.com/advisories/26580 http://securityreason.com/securityalert/3072 http://securitytracker.com/id?1018608 http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php http://www.securityfocus.com/archive/1/477720/100/0/threaded http://www.securityfocus.com/archive/1/477864/100/0/threaded http://www.securityfocus.com/archive/1/477882/100/0/threaded http://www.securityfocus.com/bid/25428 http://www.sophos.com/support/knowledgebase/article/28407.html http:/& • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 18%CPEs: 16EXPL: 1

CVE-2006-5645 – Sophos / Trend Micro AntiVirus - '.RAR' File Denial of Service (PoC)

https://notcve.org/view.php?id=CVE-2006-5645

Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero. Sophos Anti-Virus y Endpoint Security anteriores a 6.0.5, Anti-virus para Linux 5.0.10, y otras plataformas en versiones anteriores a la 4.11, permite a atacantes remotos causar denegación de servicio (bucle infinito) mediante un fichero RAR mal formado con una sección de Cabecera de Archivo con los campos head_size y pack_size puestos a cero. • https://www.exploit-db.com/exploits/2912 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 http://secunia.com/advisories/22591 http://securitytracker.com/id?1017132 http://www.securityfocus.com/archive/1/474683/100/0/threaded http://www.securityfocus.com/bid/20816 http://www.securitytracker.com/id?1018450 http://www.sophos.com/support/knowledgebase/article/7609.html http://www.vupen.com/english/advisories/2006/4239 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 72%CPEs: 16EXPL: 1

CVE-2006-5646 – Sophos AntiVirus - '.CHM' File Heap Overflow (PoC)

https://notcve.org/view.php?id=CVE-2006-5646

Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0. Desbordamiento de búfer basado en montón en Sophos Anti-Virus y Endpoint Security versiones anteriores a 6.0.5, Anti-Virus para Linux anteriores a 5.0.10, y otras plataformas anteriores a 4.11, cuando el escaneo de archivos está habilitado, permite a atacantes remotos disparar una denegación de servicio (corrupción de memoria) a través de un archivo CHM con una cabecera de descompresión LZX que especifica un tamaño de ventana 0. • https://www.exploit-db.com/exploits/2910 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452 http://secunia.com/advisories/22591 http://securitytracker.com/id?1017132 http://www.securityfocus.com/bid/20816 http://www.sophos.com/support/knowledgebase/article/7609.html http://www.vupen.com/english/advisories/2006/4239 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1 2 3 4 5