Denial of Service Vulnerability in Sophos Anti-Virus
CVE-2006-4839

Currently unrated

Key Information:

Vendor: Sophos
Status: Sophos Anti-virus
Vendor: CVE Published:; 1 November 2006

What is CVE-2006-4839?

Sophos Anti-Virus 5.1 is susceptible to a denial of service attack, which can be triggered by remote attackers sending files compressed with the Petite algorithm. These specially crafted files contain a large number of sections, ultimately leading to excessive memory consumption and service disruption. This vulnerability highlights the importance of implementing proper file handling and validation measures in antivirus software to prevent exploitation.

References

http://www.sophos.com/support/knowledgebase/article/7609....

x_refsource_CONFIRM

http://securitytracker.com/id?1017132

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/22635

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 1, 2006
Vulnerability Reserved
Sep 15, 2006