Heap-based Buffer Overflow in Sophos Anti-Virus and Endpoint Security
CVE-2006-5646

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
1 November 2006

Summary

A heap-based buffer overflow exists in Sophos Anti-Virus and Endpoint Security when archive scanning is enabled. This vulnerability can be exploited by remote attackers using a CHM file with an LZX decompression header that incorrectly specifies a Window_size of 0. Successful exploitation can lead to memory corruption, resulting in a denial of service, affecting the stability of the antivirus software and potentially compromising system security.

References

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.