Buffer Overflow Vulnerability in Sophos Anti-Virus
CVE-2007-4787

Currently unrated

Key Information:

Vendor: Sophos
Status: Sophos Anti-virus; Scanning Engine
Vendor: CVE Published:; 10 September 2007

Summary

The virus detection engine in Sophos Anti-Virus prior to version 2.49.0 is susceptible to a security flaw due to improper processing of specially crafted CAB, LZH, and RAR files featuring modified headers. This vulnerability allows remote attackers to potentially exploit the system, enabling them to evade detection by the security software and increase the risk of malware infiltration.

References

http://www.securityfocus.com/bid/25574

vdb-entryx_refsource_BID

http://www.sophos.com/support/knowledgebase/article/29146...

x_refsource_CONFIRM

http://osvdb.org/37988

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Sep 10, 2007
Vulnerability Reserved
Sep 10, 2007