Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4787

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2007-4787
Last Modified 07 Mar 2011 09:59:11
Published 10 Sep 2007 05:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4787

Summary

The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.

Vulnerable Systems

Application

  • Sophos Anti-virus 3.4.6

  • Sophos Anti-virus 3.78

  • Sophos Anti-virus 3.78d

  • Sophos Anti-virus 3.79

  • Sophos Anti-virus 3.80

  • Sophos Anti-virus 3.81

  • Sophos Anti-virus 3.82

  • Sophos Anti-virus 3.83

  • Sophos Anti-virus 3.84

  • Sophos Anti-virus 3.85

  • Sophos Anti-virus 3.86

  • Sophos Anti-virus 3.90

  • Sophos Anti-virus 3.91

  • Sophos Anti-virus 3.95

  • Sophos Anti-virus 3.96

  • Sophos Anti-virus 4.04

  • Sophos Anti-virus 4.05

  • Sophos Anti-virus 4.5.11

  • Sophos Anti-virus 4.5.12

  • Sophos Anti-virus 4.5.3

  • Sophos Anti-virus 4.5.4

  • Sophos Anti-virus 4.7.1

  • Sophos Anti-virus 4.7.2

  • Sophos Anti-virus 5.0.1

  • Sophos Anti-virus 5.0.2

  • Sophos Anti-virus 5.0.4

  • Sophos Anti-virus 5.1

  • Sophos Anti-virus 5.2.0

  • Sophos Anti-virus 5.2.1

  • Sophos Anti-virus 6.0

  • Sophos Anti-virus 6.5

  • Sophos Anti-virus 6.5.4 R2

  • Sophos Anti-virus 6.5.8

  • Sophos Anti-virus 7.0

  • Sophos Scanning Engine 2.30.4


References

CONFIRM - http://www.sophos.com/support/knowledgebase/article/29146.html

VUPEN - ADV-2007-3078

BID - 25574

OSVDB - 37988

XF - sophos-archive-security-bypass(36502)

SECUNIA - 26726


Last Updated: 27 May 2016 10:45:58