Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allow remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.
Software | From | Fixed in |
---|---|---|
sophos / anti-virus | 4.04 | 4.04.x |
sophos / anti-virus | 5.2 | 5.2.x |
sophos / anti-virus | 5.0.2 | 5.0.2.x |
sophos / anti-virus | 4.5.12 | 4.5.12.x |
sophos / endpoint_security | - | 6.04.x |
sophos / anti-virus | 4.5.11 | 4.5.11.x |
sophos / anti-virus | 4.7.1 | 4.7.1.x |
sophos / anti-virus | 4.7.2 | 4.7.2.x |
sophos / anti-virus | 5.0.4 | 5.0.4.x |
sophos / anti-virus | 5.2.1 | 5.2.1.x |
sophos / anti-virus | 4.05 | 4.05.x |
sophos / anti-virus | 4.5.3 | 4.5.3.x |
sophos / anti-virus | 4.5.4 | 4.5.4.x |
sophos / anti-virus | 6.0.4 | 6.0.4.x |
sophos / anti-virus | 5.1 | 5.1.x |
sophos / anti-virus | 5.0.1 | 5.0.1.x |