Sophos Antivirus Multiple Denial of Service and Memory Corruption Vulnerabilities

Bugtraq ID: 20816
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2006-4839
CVE-2006-5645
CVE-2006-5646
CVE-2006-5647
Remote: Yes
Local: No
Published: Oct 30 2006 12:00AM
Updated: Jul 27 2007 12:45AM
Credit: Damian Put <pucik@overflow.pl>is credited with discovering these issues. Titon and an anonymous security researcher are also credited with discovering the RAR archive issue.
Vulnerable: Sophos Small Business Edition (Windows) 4.6.1
Sophos Small Business Edition (Linux) 4.6.1
Sophos Antivirus for Linux 4.03
Sophos Anti-Virus 5.2.1
Sophos Anti-Virus 5.2
Sophos Anti-Virus 5.0.4
Sophos Anti-Virus 5.0.2
Sophos Anti-Virus 5.0.1
Sophos Anti-Virus 4.7.2
Sophos Anti-Virus 4.7.1
Sophos Anti-Virus 4.5.12
Sophos Anti-Virus 4.5.11
Sophos Anti-Virus 4.5.4
Sophos Anti-Virus 4.5.3
Sophos Anti-Virus 5.1
Sophos Anti-Virus 4.05
Sophos Anti-Virus 4.04
Computer Associates Unicenter Network and Systems Management 3.1
Computer Associates Unicenter Network and Systems Management 3.0
Computer Associates Unicenter Network and Systems Management 3.1
Computer Associates Unicenter Network and Systems Management 3.0
Computer Associates Unicenter Network and Systems Management 11.1
Computer Associates Unicenter Network and Systems Management 11
Computer Associates Protection Suites r2 0
Computer Associates Protection Suites r3
Computer Associates Internet Security Suite 2007 3.0
Computer Associates eTrust Secure Content Manager 8.0
Computer Associates eTrust Secure Content Manager 1.0
Computer Associates eTrust Intrusion Detection 3.0 SP 1
Computer Associates eTrust Intrusion Detection 3.0
Computer Associates eTrust Intrusion Detection 2.0.0 SP1
Computer Associates eTrust Internet Security Suite R2
Computer Associates eTrust Internet Security Suite r1
Computer Associates eTrust EZ Armor 3.1
Computer Associates eTrust EZ Armor 3.0
Computer Associates eTrust EZ Armor 2.0
Computer Associates eTrust EZ Armor 1.0
Computer Associates eTrust Antivirus 7.1
Computer Associates eTrust Antivirus 7.0
Computer Associates eTrust Antivirus 6.1
Computer Associates eTrust Antivirus r8.1
Computer Associates eTrust Antivirus r8
Computer Associates Common Services r11.1
Computer Associates Common Services r11
Computer Associates BrightStor ARCServe Backup 11.1
Computer Associates BrightStor ARCServe Backup 11.5
Computer Associates BrightStor ARCServe Backup 10.5
Computer Associates ARCServe Client agent for Windows 0
Computer Associates Anti-Virus SDK 0
Computer Associates Anti-Virus Gateway 7.1
Computer Associates Anti-Virus for the Enterprise r8
Computer Associates Anti-Virus 2007 8
Computer Associates Anti-Spyware for the Enterprise r8.1
Computer Associates Anti-Spyware for the Enterprise r8
Computer Associates Anti-Spyware 2007
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus