Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.5
CVE Id CVE-2006-0994
Last Modified 07 Mar 2011 09:31:32
Published 10 May 2006 06:02:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0994

Summary

Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allow remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.

Vulnerable Systems

Application

  • Sophos Anti-Virus 4.04
  • Sophos Anti-Virus 5.2.0


References

MISC - http://www.zerodayinitiative.com/advisories/ZDI-06-012.html

VUPEN - ADV-2006-1730

BID - 17876

BUGTRAQ - 20060508 ZDI-06-012: Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability

SECTRACK - 1016041

SECUNIA - 20028

XF - sophos-cab-parsing-bo(26305)

SREASON - 869


Last Updated: 27 May 2016 10:41:52