Total vulnerabilities in the database
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
| Software | From | Fixed in |
|---|---|---|
| sophos / anti-virus | 4.04 | 4.04.x |
| sophos / anti-virus | 5.2 | 5.2.x |
| sophos / anti-virus | 5.0.2 | 5.0.2.x |
| sophos / anti-virus | 4.5.12 | 4.5.12.x |
| sophos / endpoint_security | - | 6.04.x |
| sophos / anti-virus | 4.5.11 | 4.5.11.x |
| sophos / anti-virus | 4.7.1 | 4.7.1.x |
| sophos / anti-virus | 4.7.2 | 4.7.2.x |
| sophos / anti-virus | 5.0.4 | 5.0.4.x |
| sophos / anti-virus | 5.2.1 | 5.2.1.x |
| sophos / anti-virus | 4.05 | 4.05.x |
| sophos / anti-virus | 4.5.3 | 4.5.3.x |
| sophos / anti-virus | 4.5.4 | 4.5.4.x |
| sophos / anti-virus | 6.0.4 | 6.0.4.x |
| sophos / anti-virus | 5.1 | 5.1.x |
| sophos / anti-virus | 5.0.1 | 5.0.1.x |