Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-5647

CWE-119Buffer Overflow4 documents4 sources
Severity
6.4MEDIUM
EPSS
17.6%
top 4.91%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Sophos Endpoint SecuritySophos Anti-virus
Timeline
PublishedNov 1
Latest updateMay 1

Description

Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:P/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

NVDsophos/anti-virus15 versions+14

🔴Vulnerability Details

2
GHSA
GHSA-28mj-jg9q-pj9c: Sophos Anti-Virus and Endpoint Security before 62022-05-01
CVEList
CVE-2006-5647: Sophos Anti-Virus and Endpoint Security before 62006-11-01

💥Exploits & PoCs

1
Exploit-DB
Sophos AntiVirus - '.CHM' Chunk Name Length Memory Corruption (PoC)2006-12-10
CVE-2006-5647 (MEDIUM CVSS 6.4) | Sophos Anti-Virus and Endpoint Secu | cvebase.io