jetlib.sec » Sophos product advisories » Malformed CAB archive vulnerability reported in Sophos products that use the Sophos detection engine

Feeds

133336 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

Sophos product advisories

• June 15, 2009
• 

  Malformed CAB archive vulnerability reported in Sophos products that use the Sophos detection engine

  Posted: June 15th, 2009, 12:19am PDT

  Tags:   

  This article describes a malformed archive file bypass vulnerability within the Sophos products that use the Sophos Anti-Virus detection engine. There are no known-in-the-wild exploits of this vulnerability at the time of publication. Applies to: Sophos Anti-Virus for Windows 2000+ (version 7.6.7 and below) Sophos Anti-Virus for Windows NT/95/98 (version 4.7.22 and below) Sophos Anti-Virus for OS X (version 4.9.22/7.01 and below) Sophos Anti-Virus for UNIX (version 7.0.9 and below) Sophos Anti-Virus for Linux (version 6.6.2 and below) Sophos Anti-Virus for UNIX and Netware (version 4.41.9 and below) Sophos Email Appliance (version 3.1.3.1 and below) Sophos Web Appliance (version 2.1.18 and below) PureMessage for UNIX (version 5.5.4 and below)