Sophos

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-1737 1Sophos 1Anti Virus Apr 23, 2026 Apr 30, 2008 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero va...Show more Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function.Show less
CVE-2008-0838 1Sophos 2Es1000 Es4000 Apr 23, 2026 Feb 20, 2008 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (...Show more Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) error and (2) go parameters to the login page.Show less
CVE-2007-4787 1Sophos 2Scanning Engine Sophos Anti Virus Apr 23, 2026 Sep 10, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.
CVE-2007-4512 1Sophos 1Anti Virus Apr 23, 2026 Sep 10, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a vir...Show more Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe.Show less
CVE-2007-4578 1Sophos 3Anti Virus Scanning EngineSmall Business Suite Apr 23, 2026 Aug 28, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer ca...Show more Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.Show less
CVE-2007-4577 1Sophos 3Anti Virus Scanning EngineSmall Business Suite Apr 23, 2026 Aug 28, 2007 N/A· v4 N/A· v3 7.8 HIGH· v2 Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip b...Show more Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").Show less
CVE-2006-6335 1Sophos 1Sophos Anti Virus Apr 23, 2026 Dec 12, 2006 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-ba...Show more Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll.Show less
CVE-2006-5647 1Sophos 2Anti Virus Endpoint Security Apr 23, 2026 Nov 1, 2006 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbi...Show more Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."Show less
CVE-2006-5646 1Sophos 2Anti Virus Endpoint Security Apr 23, 2026 Nov 1, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigge...Show more Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.Show less
CVE-2006-5645 1Sophos 2Anti Virus Endpoint Security Apr 23, 2026 Nov 1, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service...Show more Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.Show less
CVE-2006-4839 1Sophos 1Sophos Anti Virus Apr 23, 2026 Nov 1, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite and contains a large number of sections.
CVE-2006-0994 1Sophos 1Sophos Anti Virus Apr 16, 2026 May 10, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "...Show more Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.Show less
CVE-2005-4680 1Sophos 1Sophos Anti Virus Apr 16, 2026 Dec 31, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, and 5.x before 5.1.4 allow remote attackers to hide arbitrary files and data via crafted ARJ archives, which are not properly scanned.
CVE-2005-3382 1Sophos 1Sophos Anti Virus Apr 16, 2026 Oct 30, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated wit...Show more Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."Show less
CVE-2005-3216 1Sophos 1Sophos Anti Virus Apr 16, 2026 Oct 14, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local head...Show more Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.Show less
CVE-2005-2768 1Sophos 1Sophos Anti Virus Apr 16, 2026 Sep 2, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub...Show more Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.Show less
CVE-2005-1530 1Sophos 5Sophos Anti Virus Sophos MailmonitorSophos Mailmonitor For Notes Domino+2 more Apr 16, 2026 Jul 19, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value.
CVE-2005-1551 1Sophos 1Sophos Anti Virus Apr 16, 2026 May 14, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before...Show more Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reboot.Show less
CVE-2004-0937 11Archive Zip BroadcomCa+8 more 23Antivirus Engine Archive ZipBrightstor Arcserve Backup+20 more Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero...Show more Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.Show less
CVE-2004-0936 11Archive Zip BroadcomCa+8 more 23Antivirus Engine Archive ZipBrightstor Arcserve Backup+20 more Apr 16, 2026 Jan 27, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Previous 1...5 6 789 Next