CVE-2007-4787

The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.

Published: Sep 10, 2007
Updated: Nov 9, 2025
CVE: CVE-2007-4787
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
sophos / sophos_anti-virus	4.5.11	4.5.11.x
sophos / sophos_anti-virus	3.96	3.96.x
sophos / sophos_anti-virus	5.0.2	5.0.2.x
sophos / sophos_anti-virus	5.2.0	5.2.0.x
sophos / sophos_anti-virus	4.04	4.04.x
sophos / sophos_anti-virus	3.83	3.83.x
sophos / sophos_anti-virus	6.0	6.0.x
sophos / sophos_anti-virus	3.91	3.91.x
sophos / sophos_anti-virus	3.80	3.80.x
sophos / sophos_anti-virus	3.81	3.81.x
sophos / sophos_anti-virus	3.86	3.86.x
sophos / sophos_anti-virus	3.78	3.78.x
sophos / sophos_anti-virus	5.2.1	5.2.1.x
sophos / sophos_anti-virus	3.82	3.82.x
sophos / sophos_anti-virus	3.79	3.79.x
sophos / sophos_anti-virus	4.5.3	4.5.3.x
sophos / sophos_anti-virus	4.7.2	4.7.2.x
sophos / sophos_anti-virus	4.7.1	4.7.1.x
sophos / sophos_anti-virus	6.5.8	6.5.8.x
sophos / sophos_anti-virus	3.78d	3.78d.x
sophos / sophos_anti-virus	4.05	4.05.x
sophos / sophos_anti-virus	3.90	3.90.x
sophos / scanning_engine	2.30.4	2.30.4.x
sophos / sophos_anti-virus	3.4.6	3.4.6.x
sophos / sophos_anti-virus	3.95	3.95.x
sophos / sophos_anti-virus	7.0	7.0.x
sophos / sophos_anti-virus	6.5	6.5.x
sophos / sophos_anti-virus	5.0.1	5.0.1.x
sophos / sophos_anti-virus	4.5.4	4.5.4.x
sophos / sophos_anti-virus	6.5.4_r2	6.5.4_r2.x
sophos / sophos_anti-virus	4.5.12	4.5.12.x
sophos / sophos_anti-virus	3.84	3.84.x
sophos / sophos_anti-virus	5.0.4	5.0.4.x
sophos / sophos_anti-virus	5.1	5.1.x
sophos / sophos_anti-virus	3.85	3.85.x

Vulnerability Database

300,991

CVE-2007-4787

Deep Security Visibility Without the Complexity