Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sophos_anti\-Virus
(Sophos)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 36 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2012-03-21 | CVE-2012-1428 | The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. | Quick_heal, Norman_antivirus_\&_antispyware, Sophos_anti\-Virus | N/A | ||
| 2012-03-21 | CVE-2012-1427 | The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \57\69\6E\5A\69\70 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. | Quick_heal, Norman_antivirus_\&_antispyware, Sophos_anti\-Virus | N/A | ||
| 2012-03-21 | CVE-2012-1424 | The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser... | Avl_sdk, Quick_heal, Jiangmin_antivirus, Norman_antivirus_\&_antispyware, Pc_tools_antivirus, Sophos_anti\-Virus | N/A | ||
| 2008-07-15 | CVE-2008-3177 | Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments. | Es1000, Es4000, Sophos_anti\-Virus, Sophos_puremessage_anti\-Virus | N/A | ||
| 2007-09-10 | CVE-2007-4787 | The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection. | Scanning_engine, Sophos_anti\-Virus | N/A | ||
| 2006-12-12 | CVE-2006-6335 | Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll. | Sophos_anti\-Virus | N/A | ||
| 2006-11-01 | CVE-2006-4839 | Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections. | Sophos_anti\-Virus | N/A | ||
| 2006-05-10 | CVE-2006-0994 | Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption. | Sophos_anti\-Virus | N/A | ||
| 2005-12-31 | CVE-2005-4680 | Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, and 5.x before 5.1.4 allow remote attackers to hide arbitrary files and data via crafted ARJ archives, which are not properly scanned. | Sophos_anti\-Virus | N/A | ||
| 2005-10-30 | CVE-2005-3382 | Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | Sophos_anti\-Virus | N/A |