Sophos Anti-Virus 4.61.0
by Sophos
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-1458 | 0.06 | — | 0.74 | Mar 21, 2012 | The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published… | |||
| CVE-2006-5645 | 0.04 | — | 0.17 | Nov 1, 2006 | Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive… | |||
| CVE-2004-0937 | 0.04 | — | 0.15 | Feb 9, 2005 | Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being… | |||
| CVE-2007-4578 | 0.01 | — | 0.07 | Aug 28, 2007 | Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is… |
- CVE-2012-1458Mar 21, 2012risk 0.06cvss —epss 0.74
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published…
- CVE-2006-5645Nov 1, 2006risk 0.04cvss —epss 0.17
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive…
- CVE-2004-0937Feb 9, 2005risk 0.04cvss —epss 0.15
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being…
- CVE-2007-4578Aug 28, 2007risk 0.01cvss —epss 0.07
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is…