Heap-based Buffer Overflow in Sophos Anti-Virus and Endpoint Security
CVE-2006-5646
Currently unrated
Summary
A heap-based buffer overflow exists in Sophos Anti-Virus and Endpoint Security when archive scanning is enabled. This vulnerability can be exploited by remote attackers using a CHM file with an LZX decompression header that incorrectly specifies a Window_size of 0. Successful exploitation can lead to memory corruption, resulting in a denial of service, affecting the stability of the antivirus software and potentially compromising system security.
References
EPSS Score
31% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved