Heap-based Buffer Overflow in Sophos Antivirus Library
CVE-2005-2768

Currently unrated

Key Information:

Vendor: Sophos
Status: Sophos Anti-virus
Vendor: CVE Published:; 2 September 2005

Summary

The Sophos Antivirus Library contains a heap-based buffer overflow vulnerability that can be exploited by remote attackers. This flaw arises when the library processes Visio files with crafted sub record lengths, enabling attackers to execute arbitrary code on affected systems. Products utilizing this library, such as Sophos Antivirus, PureMessage, and MailMonitor, are at risk, making it imperative for users to apply recommended security updates to mitigate potential exploitation.

References

http://www.rem0te.com/public/images/sophos.pdf

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/21608

vdb-entryx_refsource_XF

http://secunia.com/advisories/16245/

third-party-advisoryx_refsource_SECUNIA

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 2, 2005
Vulnerability Reserved
Sep 2, 2005