Memory Consumption Vulnerability in Sophos Anti-Virus and Endpoint Security
CVE-2006-5647

Currently unrated

Key Information:

Vendor: Sophos
Status: Anti-virus; Endpoint Security
Vendor: CVE Published:; 1 November 2006

Summary

A vulnerability exists in Sophos Anti-Virus and Endpoint Security that allows remote attackers to cause a denial of service through memory corruption. This issue is triggered by a malformed CHM file that includes an excessively long name in the CHM chunk header. Exploiting this vulnerability can potentially lead to arbitrary code execution, posing significant risks to affected systems.

References

http://www.sophos.com/support/knowledgebase/article/7609....

x_refsource_CONFIRM

http://securitytracker.com/id?1017132

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2006/4239

vdb-entryx_refsource_VUPEN

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 1, 2006
Vulnerability Reserved
Nov 1, 2006