CVE-2014-1213
https://notcve.org/view.php?id=CVE-2014-1213
Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service (resource consumption, CPU consumption, and eventual crash) or spoof "ready for update" messages by performing certain operations on mutexes or events including (1) DataUpdateRequest, (2) MmfMutexSAV-****, (3) MmfMutexSAV-Info, (4) ReadyForUpdateSAV-****, (5) ReadyForUpdateSAV-Info, (6) SAV-****, (7) SAV-Info, (8) StateChange, (9) SuspendedSAV-****, (10) SuspendedSAV-Info, (11) UpdateComplete, (12) UpdateMutex, (13) UpdateRequest, or (14) SophosALMonSessionInstance, as demonstrated by triggering a ReadyForUpdateSAV event and modifying the UpdateComplete, UpdateMutex, and UpdateRequest objects. El motor de Sophos Anti-Virus (SAVi) anterior a 3.50.1, utilizado en VDL 4.97G 9.7.x anterior a 9.7.9, 10.0.x anterior a 10.0.11 y 10.3.x anterior a 10.3.1 no establece una ACL para cietos objetos globales y de sesión, lo que permite a usuarios locales evadir la protección Anti-Virus, causa una denegación de servicio (consumo de recursos, consumo de CPU y finalmente una caída) o falsifica mensajes de "preparado para actualización" mediante ciertas operaciones realizadas en mutexes o eventos incluyendo (1) DataUpdateRequest, (2) MmfMutexSAV-****, (3) MmfMutexSAV-Info, (4) ReadyForUpdateSAV-****, (5) ReadyForUpdateSAV-Info, (6) SAV-****, (7) SAV-Info, (8) StateChange, (9) SuspendedSAV-****, (10) SuspendedSAV-Info, (11) UpdateComplete, (12) UpdateMutex, (13) UpdateRequest o (14) SophosALMonSessionInstance, demostrado mediante la provocación de un evento ReadyForUpdateSAV y modificación de objetos UpdateComplete, UpdateMutex y UpdateRequest. • http://osvdb.org/102762 http://packetstormsecurity.com/files/125024/Sophos-Anti-Virus-Denial-Of-Service.html http://seclists.org/fulldisclosure/2014/Feb/1 http://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1213 http://www.securityfocus.com/archive/1/530915/100/0/threaded http://www.securityfocus.com/bid/65286 http://www.securitytracker.com/id/1029713 http://www.sophos.com/en-us/support/knowledgebase/2300/7200/1031/120401.aspx • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-3243
https://notcve.org/view.php?id=CVE-2008-3243
Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash. Múltiples vulnerabilidades sin especificar en el motor de análisis anterior a 4.4.4 en el F-Prrot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio a través de (1) un fichero UPX-comppressed manipulado que provoca una caída del motor; (2) mediante un fichero Microsoft Office manipulado que lanza un bucle infinito o (3) mediante un fichero ASPack-compressed que provoca una caída del motor. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.securityfocus.com/bid/30258 https://exchange.xforce.ibmcloud.com/vulnerabilities/43868 https://exchange.xforce.ibmcloud.com/vulnerabilities/43869 https://exchange.xforce.ibmcloud.com/vulnerabilities/43870 • CWE-20: Improper Input Validation •
CVE-2008-3244
https://notcve.org/view.php?id=CVE-2008-3244
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read. Motor de análisis anterior a 4.4.4 en F-Prot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio (caída de motor) a través de un fichero CHM con un valor nb_dir largo, lo que provoca una lectura fuera de rango. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php http://www.securityfocus.com/bid/30253 http://www.securitytracker.com/id?1020507 http://www.vupen.com/english/advisories/2008/2124/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43835 • CWE-20: Improper Input Validation •
CVE-2007-4787
https://notcve.org/view.php?id=CVE-2007-4787
The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection. El motor de detección de virus en Sophos Anti-Virus anterior a 2.49.0 no procesa adecuadamente los archivos malformados (1) CAB, (2) LZH, y (3) RAR con cabeceras modificadas, lo cual podría permitir a atacantes remotos evitar la detección de código malicioso. • http://osvdb.org/37988 http://secunia.com/advisories/26726 http://www.securityfocus.com/bid/25574 http://www.sophos.com/support/knowledgebase/article/29146.html http://www.vupen.com/english/advisories/2007/3078 https://exchange.xforce.ibmcloud.com/vulnerabilities/36502 • CWE-20: Improper Input Validation •
CVE-2007-4577
https://notcve.org/view.php?id=CVE-2007-4577
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb"). Sophos Anti-Virus para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un archivo BZip mal formado que resulta en la creación de múltiples ficheros Engine temporales (también conocida como "bomba BZip"). • http://secunia.com/advisories/26580 http://securityreason.com/securityalert/3073 http://securitytracker.com/id?1018608 http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php http://www.securityfocus.com/archive/1/477727/100/0/threaded http://www.securityfocus.com/bid/25428 http://www.sophos.com/support/knowledgebase/article/28407.html http://www.vupen.com/english/advisories/2007/2972 • CWE-399: Resource Management Errors •