Denial of Service and Code Execution Vulnerabilities in Sophos SAVScan for Linux
CVE-2008-6904

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
6 August 2009

Summary

Sophos SAVScan 4.33.0 for Linux is susceptible to multiple unspecified vulnerabilities that could enable remote attackers to trigger a denial of service through segmentation faults. Additionally, there is a possibility of executing arbitrary code when processing specially crafted files packed with Armadillo, Asprotect, or AsprotectSKE. This vulnerability poses a significant risk to users relying on this antivirus solution, necessitating prompt action to mitigate exposure.

References

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.