Lucene search

[email protected]CVE-2005-4680

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-4680

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sophos

anti-virus

vulnerability

arj archives

remote attackers

nvd

7.6 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

74.4%

JSON

Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, and 5.x before 5.1.4 allow remote attackers to hide arbitrary files and data via crafted ARJ archives, which are not properly scanned.

CPENameOperatorVersion
sophos:sophos_anti-virussophos sophos anti-viruseq4.04
sophos:sophos_anti-virussophos sophos anti-viruslt4.02
sophos:sophos_anti-virussophos sophos anti-viruslt4.5.9
sophos:sophos_anti-virussophos sophos anti-viruslt4.6.9
sophos:sophos_anti-virussophos sophos anti-viruslt5.1.4

CPE	Name	Operator	Version
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	4.04
sophos:sophos_anti-virus	sophos sophos anti-virus	lt	4.02
sophos:sophos_anti-virus	sophos sophos anti-virus	lt	4.5.9
sophos:sophos_anti-virus	sophos sophos anti-virus	lt	4.6.9
sophos:sophos_anti-virus	sophos sophos anti-virus	lt	5.1.4

References

www.sophos.com/support/knowledgebase/article/3803.html

www.vupen.com/english/advisories/2006/0347

exchange.xforce.ibmcloud.com/vulnerabilities/24345

7.6 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

74.4%

JSON

Related for CVE-2005-4680

cvelist1