Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service (resource...
6.6AI Score
0.001EPSS
The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid...
7.4AI Score
0.149EPSS
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds...
6.5AI Score
0.016EPSS
Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite...
6.9AI Score
0.015EPSS
The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware...
7AI Score
0.012EPSS
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the...
8AI Score
0.114EPSS
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip...
6.9AI Score
0.045EPSS
Buffer overflow in the Trend Micro Scan Engine 8.000 and 8.300 before virus pattern file 4.245.00, as used in other products such as Cyber Clean Center (CCC) Cleaner, allows remote attackers to execute arbitrary code via a malformed UPX compressed...
8AI Score
0.397EPSS