VYPR

Anti Virus

by Sophos

CVEs (48)

  • CVE-2007-4512Sep 10, 2007
    risk 0.00cvss epss 0.05

    Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not…

  • CVE-2007-4577Aug 28, 2007
    risk 0.00cvss epss 0.06

    Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").

  • CVE-2006-4839Nov 1, 2006
    risk 0.00cvss epss 0.03

    Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections.

  • CVE-2005-3382Oct 30, 2005
    risk 0.00cvss epss 0.04

    Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type…

  • CVE-2005-3216Oct 14, 2005
    risk 0.00cvss epss 0.05

    Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar…

  • CVE-2005-1530Jul 19, 2005
    risk 0.00cvss epss 0.06

    Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value.

  • CVE-2005-1551May 14, 2005
    risk 0.00cvss epss 0.04

    Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reboot.

  • CVE-2004-2075Dec 31, 2004
    risk 0.00cvss epss 0.02

    Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated.

Page 3 of 3