Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-5646

CWE-119Buffer Overflow4 documents4 sources
Severity
5.0MEDIUM
EPSS
41.1%
top 2.62%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Sophos Endpoint SecuritySophos Anti-virus
Timeline
PublishedNov 1
Latest updateMay 1

Description

Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDsophos/anti-virus15 versions+14

🔴Vulnerability Details

2
GHSA
GHSA-cmj2-m79r-9mvg: Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 62022-05-01
CVEList
CVE-2006-5646: Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 62006-11-01

💥Exploits & PoCs

1
Exploit-DB
Sophos AntiVirus - '.CHM' File Heap Overflow (PoC)2006-12-10
CVE-2006-5646 (MEDIUM CVSS 5) | Heap-based buffer overflow in Sopho | cvebase.io