Описание
Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value.
Ссылки
- PatchVendor Advisory
- ExploitPatch
- PatchVendor Advisory
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.90:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:3.91:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_anti-virus:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_mailmonitor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_mailmonitor:2.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_mailmonitor_for_notes_domino:*:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*
cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05979
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value.
EPSS
Процентиль: 90%
0.05979
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other