CVE-2006-5646
Published: 2006-11-01
Priority: P3 (35), medium
CVSS 2.0 base score: 5.0, vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploit: available
EPSS: 17.43% (96.7th percentile)
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
Affected (16 ranges listed; the source shows no version data for the anti-virus entries)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sophos | anti-virus | — | — |
| sophos | endpoint_security | <= 6.04 | — |
VulDB
CVE-2006-5646 [MEDIUM]: Sophos Anti-Virus up to 6.0.4 memory corruption (EDB-2910 / XFDB-29922)
Source: vuldb, 2026-04-26, CVSS 5.0
A vulnerability classified as critical was found in Sophos Anti-Virus up to 6.0.4. This affects an unknown part. Such manipulation leads to memory corruption.
This vulnerability is listed as CVE-2006-5646. The attack may be performed from remote. In addition, an exploit is available.
Upgrading the affected component is advised.
GHSA
GHSA-cmj2-m79r-9mvg (CVE-2006-5646 [MEDIUM], CWE-119): Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6
Source: ghsa_unreviewed, 2022-05-01
Description: same text as the CVE description above.
No detection rules found.
No writeups or analysis indexed.
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452
- http://secunia.com/advisories/22591
- http://securitytracker.com/id?1017132
- http://www.securityfocus.com/bid/20816
- http://www.sophos.com/support/knowledgebase/article/7609.html
- http://www.vupen.com/english/advisories/2006/4239