Vulnerabilities for Sophos puremessage anti-virus (...) - CXSECURITY.COM

Vulnerabilities for 'Sophos puremessage anti-virus'

2008-07-15

CVE-2008-3177

CWE-16

Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.

2005-07-19

CVE-2005-1530

Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value.

2005-01-10

CVE-2004-1096

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

2005-02-09

CVE-2004-0937

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

2005-01-27

CVE-2004-0936

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVE-2004-0935

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVE-2004-0934

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVE-2004-0933

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVE-2004-0932

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

>>> Vendor: Sophos 53 Products

Small business suite

Sophos anti-virus

Sophos puremessage anti-virus

Sophos small business suite

Sophos mailmonitor

Sophos mailmonitor for notes domino

Endpoint security

Scanning engine

Anti-virus7.6.3

Puremessage for microsoft exchange

Endpoint protection

Unified threat management software

Unified threat management

Disk encryption

Safeguard easy device encryption client

Safeguard enterprise device encryption

Sophos endpoint security and control

Safeguard enterprise

Free encryption

Safeguard privatecrypto

Web appliance firmware

Enterprise console

Cyberoam cr100ing utm firmware

Cyberoam cr35ing utm firmware

Unified threat management up2date

Mobile control eas proxy

Cyberoam cr25ing utm firmware

Cyberoam firmware

Threat detection engine

Astaro security gateway firmware

Invincea dell protected workspace

Safeguard enterprise client

Safeguard lan crypt client

Hitmanpro.alert

Sophos secure email

Xg firewall firmware

Sophos secure workspace

Exploit prevention

Intercept x endpoint

Intercept x for server

Copyright 2024, cxsecurity.com