CVE-2006-4839
https://notcve.org/view.php?id=CVE-2006-4839
Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections. Sophos Anti-Virus 5.1 permite a atacantes remotos provocar una denegación de servicio (agotamiento de memoria) mediante un fichero comprimido con Petite que contiene un gran número de secciones. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=438 http://secunia.com/advisories/22635 http://securitytracker.com/id?1017132 http://www.securityfocus.com/bid/20816 http://www.sophos.com/support/knowledgebase/article/7609.html http://www.vupen.com/english/advisories/2006/4239 https://exchange.xforce.ibmcloud.com/vulnerabilities/29918 •
CVE-2006-0994 – Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2006-0994
Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos AntiVirus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the unpacking of Microsoft Cabinet files that contain invalid folder count values within the CAB header. Parsing of a specially crafted cabinet file can lead to an exploitable heap corruption. This vulnerability is only exposed when cabinet file inspection is explicitly enabled. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045897.html http://secunia.com/advisories/20028 http://securityreason.com/securityalert/869 http://securitytracker.com/id?1016041 http://www.securityfocus.com/archive/1/433272/100/0/threaded http://www.securityfocus.com/bid/17876 http://www.vupen.com/english/advisories/2006/1730 http://www.zerodayinitiative.com/advisories/ZDI-06-012.html https://exchange.xforce.ibmcloud.com/vulnerabilities/26305 •
CVE-2005-4680
https://notcve.org/view.php?id=CVE-2005-4680
Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, and 5.x before 5.1.4 allow remote attackers to hide arbitrary files and data via crafted ARJ archives, which are not properly scanned. • http://www.sophos.com/support/knowledgebase/article/3803.html http://www.vupen.com/english/advisories/2006/0347 https://exchange.xforce.ibmcloud.com/vulnerabilities/24345 •
CVE-2005-3382
https://notcve.org/view.php?id=CVE-2005-3382
Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." • http://marc.info/?l=bugtraq&m=113026417802703&w=2 http://www.securityelf.org/magicbyte.html http://www.securityelf.org/magicbyteadv.html http://www.securityelf.org/updmagic.html http://www.securityfocus.com/bid/15189 •
CVE-2005-3216
https://notcve.org/view.php?id=CVE-2005-3216
Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 http://shadock.net/secubox/AVCraftedArchive.html •