PT-2006-2032 · Sophos · Sophos Anti-Virus For Windows

Published

2006-05-10

Updated

2018-10-18

CVE-2006-0994

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Sophos Anti-Virus for Windows versions 4.x through 4.04 Sophos Anti-Virus for Windows versions 5.x through 5.2.0

Description The issue allows remote attackers to execute arbitrary code via a CAB file with invalid folder count values, leading to heap corruption. This occurs when cabinet file inspection is enabled.

Recommendations For Sophos Anti-Virus for Windows versions 4.x through 4.04, update to version 4.05 or later. For Sophos Anti-Virus for Windows versions 5.x through 5.2.0, update to version 5.2.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0994

Affected Products

Sophos Anti-Virus For Windows

PT-2006-2032 · Sophos · Sophos Anti-Virus For Windows

CVE-2006-0994

Related Identifiers

Affected Products

References · 10