Sophos : Security Vulnerabilities, CVEs, Published In 2007 (Code Execution)
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
Max CVSS
6.8
EPSS Score
11.42%
Published
2007-08-28
Updated
2018-10-15
1 vulnerabilities found