CVE-2007-4787

Currently unrated

Key Information:

Vendor: Sophos
Status: Sophos Anti-virus; Scanning Engine
Vendor: CVE Published:; 10 September 2007

Summary

The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.

References

http://www.securityfocus.com/bid/25574

vdb-entryx_refsource_BID

http://www.sophos.com/support/knowledgebase/article/29146...

x_refsource_CONFIRM

http://osvdb.org/37988

vdb-entryx_refsource_OSVDB

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 10, 2007
Vulnerability Reserved
Sep 10, 2007

Collectors

NVD DatabaseMitre Database