CVE-2005-2768

Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.

Published: Sep 3, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2768
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
sophos / sophos_anti-virus	3.83	3.83.x
sophos / sophos_anti-virus	3.91	3.91.x
sophos / sophos_anti-virus	3.80	3.80.x
sophos / sophos_anti-virus	3.81	3.81.x
sophos / sophos_anti-virus	3.86	3.86.x
sophos / sophos_anti-virus	3.78	3.78.x
sophos / sophos_anti-virus	3.82	3.82.x
sophos / sophos_anti-virus	3.79	3.79.x
sophos / sophos_anti-virus	4.5.3	4.5.3.x
sophos / sophos_anti-virus	3.78d	3.78d.x
sophos / sophos_anti-virus	3.90	3.90.x
sophos / sophos_anti-virus	3.4.6	3.4.6.x
sophos / sophos_anti-virus	3.95	3.95.x
sophos / sophos_anti-virus	5.0.1	5.0.1.x
sophos / sophos_anti-virus	3.84	3.84.x
sophos / sophos_anti-virus	5.0.4	5.0.4.x
sophos / sophos_anti-virus	3.85	3.85.x

Vulnerability Database

289,871

CVE-2005-2768