Denial of Service and Code Execution Vulnerabilities in Sophos SAVScan for Linux
CVE-2008-6904
Currently unrated
Summary
Sophos SAVScan 4.33.0 for Linux is susceptible to multiple unspecified vulnerabilities that could enable remote attackers to trigger a denial of service through segmentation faults. Additionally, there is a possibility of executing arbitrary code when processing specially crafted files packed with Armadillo, Asprotect, or AsprotectSKE. This vulnerability poses a significant risk to users relying on this antivirus solution, necessitating prompt action to mitigate exposure.
References
EPSS Score
6% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved