Denial of Service Vulnerability in Sophos Anti-Virus for Unix/Linux
CVE-2007-4577

Currently unrated

Key Information:

Vendor
Sophos
CVE Published:
28 August 2007

Summary

A vulnerability in Sophos Anti-Virus for Unix/Linux prior to version 2.48.0 allows remote attackers to trigger a denial of service by sending a specially crafted BZip file. This can lead to an infinite loop in the BZip file processing, resulting in the generation of numerous temporary files within the antivirus engine, ultimately disrupting system performance and availability.

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
