Sophos : Security Vulnerabilities, CVEs, Published In 2006 (Overflow)
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."
Max CVSS
6.4
EPSS Score
13.35%
Published
2006-11-01
Updated
2011-03-07
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
Max CVSS
5.0
EPSS Score
72.42%
Published
2006-11-01
Updated
2011-03-07
2 vulnerabilities found