Vulnerability Details : CVE-2008-6904
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2008-6904
Probability of exploitation activity in the next 30 days: 7.99%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-6904
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
[email protected] |
References for CVE-2008-6904
Products affected by CVE-2008-6904
- cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows-nt:*:*:*:*:*
- cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows_9x:*:*:*:*:*
- cpe:2.3:a:sophos:anti-virus:4.9.18:*:os_x:*:*:*:*:*
- cpe:2.3:a:sophos:anti-virus:4.37.0:*:netware:*:*:*:*:*
- cpe:2.3:a:sophos:anti-virus:6.4.5:*:linux:*:*:*:*:*
- cpe:2.3:a:sophos:anti-virus:7.0.5:*:unix:*:*:*:*:*
- cpe:2.3:a:sophos:anti-virus7.6.3:*:windows:*:*:*:*:*:*