CVE-2007-4578
Currently unrated
Key Information:
- Vendor
- Sophos
- Vendor
- CVE Published:
- 28 August 2007
Summary
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
References
EPSS Score
8% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved