Sophos Anti-Virus vulnerabilities
12 known vulnerabilities affecting sophos/anti-virus.
Total CVEs: 12
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 2, MEDIUM 8
Vulnerabilities
CVE-2014-2385 | MEDIUM | CVSS 4.3 | CWE-79 | ≤ 9.5.1 | 2014-07-22
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter to exclusion/configure or (4) text:EmailServer or (5) n
nvd
CVE-2010-2308 | HIGH | CVSS 7.2 | ≤ 7.6.19, v3.4.6 +41 more | 2010-06-16
Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7.6.20 allows local users to gain privileges via crafted arguments to the NtQueryAttributesFile function.
nvd
CVE-2008-6904 | CRITICAL | CVSS 10.0 | v4.7.18, v4.9.18 +3 more | 2009-08-06
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.
nvd
CVE-2008-6903 | MEDIUM | CVSS 4.3 | CWE-399 | v4.7.18, v4.9.18 +3 more | 2009-08-06
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attack
nvd
CVE-2008-5541 | CRITICAL | CVSS 9.3 | v4.33.0 | 2008-12-12
Sophos Anti-Virus 4.33.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exp
nvd
CVE-2008-1737 | MEDIUM | CVSS 6.9 | CWE-20 | v7.0.5 | 2008-04-30
Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) functi
nvd
CVE-2007-4512 | MEDIUM | CVSS 4.3 | CWE-79 | ≤ 6.5.4_r2, ≤ 7.0 | 2007-09-10
Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe.
nvd
CVE-2007-4577 | HIGH | CVSS 7.8 | CWE-399 | v3.4.6, v3.78 +30 more | 2007-08-28
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
nvd
CVE-2007-4578 | MEDIUM | CVSS 6.8 | CWE-189 | v3.4.6, v3.78 +30 more | 2007-08-28
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researche
nvd
CVE-2006-5646 | MEDIUM | CVSS 5.0 | CWE-119 | PoC | v4.04, v4.05 +13 more | 2006-11-01
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
nvd
CVE-2006-5647 | MEDIUM | CVSS 6.4 | CWE-119 | PoC | v4.04, v4.05 +13 more | 2006-11-01
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerab
nvd
CVE-2006-5645 | MEDIUM | CVSS 5.0 | CWE-399 | PoC | v4.04, v4.05 +13 more | 2006-11-01
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.
nvd