6.8
CVE-2007-4578
- EPSS 7.3%
- Veröffentlicht 28.08.2007 18:17:00
- Zuletzt bearbeitet 16.06.2026 22:44:22
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sophos ≫ Anti-virus Version3.4.6
Sophos ≫ Anti-virus Version3.78
Sophos ≫ Anti-virus Version3.78d
Sophos ≫ Anti-virus Version3.79
Sophos ≫ Anti-virus Version3.80
Sophos ≫ Anti-virus Version3.81
Sophos ≫ Anti-virus Version3.82
Sophos ≫ Anti-virus Version3.83
Sophos ≫ Anti-virus Version3.84
Sophos ≫ Anti-virus Version3.85
Sophos ≫ Anti-virus Version3.86
Sophos ≫ Anti-virus Version3.90
Sophos ≫ Anti-virus Version3.91
Sophos ≫ Anti-virus Version3.95
Sophos ≫ Anti-virus Version3.96.0
Sophos ≫ Anti-virus Version4.03 Editionlinux
Sophos ≫ Anti-virus Version4.04
Sophos ≫ Anti-virus Version4.05
Sophos ≫ Anti-virus Version4.5.3
Sophos ≫ Anti-virus Version4.5.4
Sophos ≫ Anti-virus Version4.5.11
Sophos ≫ Anti-virus Version4.5.12
Sophos ≫ Anti-virus Version4.7.1
Sophos ≫ Anti-virus Version4.7.2
Sophos ≫ Anti-virus Version5.0.1
Sophos ≫ Anti-virus Version5.0.2
Sophos ≫ Anti-virus Version5.0.4
Sophos ≫ Anti-virus Version5.0.9
Sophos ≫ Anti-virus Version5.0.9 Editionlinux
Sophos ≫ Anti-virus Version5.1
Sophos ≫ Anti-virus Version5.2
Sophos ≫ Anti-virus Version5.2.1
Sophos ≫ Anti-virus Version6.5
Sophos ≫ Scanning Engine Version2.30.4
Sophos ≫ Scanning Engine Version2.40.2
Sophos ≫ Small Business Suite Version4.04
Sophos ≫ Small Business Suite Version4.05
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.3% | 0.936 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/26580
http://securitytracker.com/id?1018608
http://www.securityfocus.com/bid/25428
http://www.sophos.com/support/knowledgebase/article/28407.html
http://www.vupen.com/english/advisories/2007/2972
http://securityreason.com/securityalert/3072
http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php
http://www.securityfocus.com/archive/1/477720/100/0/threaded
http://www.securityfocus.com/archive/1/477864/100/0/threaded
http://www.securityfocus.com/archive/1/477882/100/0/threaded