5 matches found
ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability
ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-045.html December 12, 2006 -- CVE ID: CVE-2006-6335 -- Affected Vendor: Sophos -- Affected Products: All versions of Sophos Anti-Virus v2.40 scanning engine --...
ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability
ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-046.html December 12, 2006 -- CVE ID: CVE-2006-6335 -- Affected Vendor: Sophos -- Affected Products: All versions of Sophos Anti-Virus v2.40 scanning engine --...
CVE-2006-6335
Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via 1 a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and 2 a CPIO...
CVE-2006-6335
Sophos Anti-Virus (scanning engine) before 2.40 is affected. In veex.dll, two parsing flaws cause remote code execution: (1) parsing SIT archives with long, non-terminated filenames leads to a heap overflow; (2) parsing CPIO archives with long, non-terminated filenames leads to a stack overflow. ...
CVE-2006-6335
Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via 1 a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and 2 a CPIO...