VYPR

Sophos

by Talos

CVEs (3)

  • CVE-2018-3970Oct 25, 2018
    risk 0.00cvss epss 0.00

    An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send…

  • CVE-2018-3971Oct 25, 2018
    risk 0.00cvss epss 0.01

    An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An…

  • CVE-2005-3382Oct 30, 2005
    risk 0.00cvss epss 0.04

    Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type…