CVE-2006-5647

Опубликовано: 01 нояб. 2006

Источник: nvd

CVSS2: 6.4

EPSS Средний

Описание

Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*

cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:sophos:endpoint_security:*:*:*:*:*:*:*:*

Версия до 6.04 (включая)

EPSS

Процентиль: 94%

0.15456

Средний

6.4 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-28mj-jg9q-pj9c

github

больше 3 лет назад