Denial of Service Vulnerability in Sophos Anti-Virus Engine
CVE-2014-1213

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
10 February 2014

Summary

A vulnerability in the Sophos Anti-Virus engine (SAVi) allows local users to disrupt anti-virus protection. The issue arises from improper access controls on certain global and session objects, permitting unauthorized operations which can lead to significant resource exhaustion. This can cause incidents like denial of service, CPU consumption spikes, or technical glitches that impersonate system update readiness. Key objects affected include various mutexes and events related to data updates, indicating serious implications for system stability.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.