Sophos Anti-Virus CAB, LZH, and RAR File Scan Evasion Vulnerability

Bugtraq ID: 25574
Class: Input Validation Error
CVE: CVE-2007-4787
Remote: Yes
Local: No
Published: Sep 06 2007 12:00AM
Updated: May 07 2015 05:35PM
Credit: Thierry Zoller of n.runs AG is credited with discovering this issue.
Vulnerable: Sophos Anti-Virus Engine 2.30.4
Sophos Anti-Virus 6.5.8
Sophos Anti-Virus 6.5.4 R2
Sophos Anti-Virus 6.5
Sophos Anti-Virus 5.2.1
Sophos Anti-Virus 5.2
Sophos Anti-Virus 5.0.4
Sophos Anti-Virus 5.0.2
Sophos Anti-Virus 5.0.1
Sophos Anti-Virus 4.7.2
Sophos Anti-Virus 4.7.1
Sophos Anti-Virus 4.5.12
Sophos Anti-Virus 4.5.11
Sophos Anti-Virus 4.5.4
Sophos Anti-Virus 4.5.3
Sophos Anti-Virus 3.96 .0
Sophos Anti-Virus 3.95
Sophos Anti-Virus 3.91
Sophos Anti-Virus 3.90
Sophos Anti-Virus 3.86
Sophos Anti-Virus 3.85
Sophos Anti-Virus 3.84
Sophos Anti-Virus 3.83
Sophos Anti-Virus 3.82
Sophos Anti-Virus 3.81
Sophos Anti-Virus 3.80
Sophos Anti-Virus 3.79
Sophos Anti-Virus 3.78 d
Sophos Anti-Virus 3.78
Sophos Anti-Virus 3.4.6
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP6
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
Sophos Anti-Virus 7.0
Sophos Anti-Virus 6.0
Sophos Anti-Virus 5.1
Sophos Anti-Virus 4.05
Sophos Anti-Virus 4.04
Not Vulnerable: Sophos Anti-Virus Engine 2.49
Sophos Anti-Virus 7.01


 

Privacy Statement
Copyright 2010, SecurityFocus