QwikSec

Security Database

CVE

CWE

Training

CVE-2008-6903

Published: Aug 6, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, when CAB archive scanning is enabled, allows remote attackers to cause a denial of service (segmentation fault) via a "fuzzed" CAB archive file, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

http://www.sophos.com/support/knowledgebase/article/50611.html

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

x_refsource_MISC

20081210 [IVIZ-08-015] Sophos Antivirus for Linux vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.