Unrated severityNVD Advisory· Published Sep 10, 2007· Updated Jun 16, 2026
CVE-2007-4512
CVE-2007-4512
Description
Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe.
Affected products
2- Range: <6.5.8, <7.0.1
Patches
Vulnerability mechanics
References
8- www.securityfocus.com/bid/25572nvdPatch
- www.sophos.com/support/knowledgebase/article/29150.htmlnvdPatch
- osvdb.org/37527nvd
- secunia.com/advisories/26714nvd
- securityreason.com/securityalert/3107nvd
- www.securityfocus.com/archive/1/478708/100/0/threadednvd
- www.vupen.com/english/advisories/2007/3077nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/36478nvd
News mentions
0No linked articles in our index yet.