Sophos Sophos Anti-virus — known CVE vulnerabilities
Every CVE whose affected-product data names Sophos Sophos Anti-virus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35)
CVE-2006-6335 — CVSS 10.0 (critical): Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT…
CVE-2004-0933 — CVSS 7.5 (high): Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure…
CVE-2004-0934 — CVSS 7.5 (high): Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to…
CVE-2004-0935 — CVSS 7.5 (high): Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both…
CVE-2004-0936 — CVSS 7.5 (high): RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero…
CVE-2004-0937 — CVSS 7.5 (high): Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass…
CVE-2004-1096 — CVSS 7.5 (high): Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus…
CVE-2004-0932 — CVSS 7.5 (high): McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote…
CVE-2005-2768 — CVSS 7.5 (high): Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products…
CVE-2006-0994 — CVSS 7.5 (high): Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is…
CVE-2014-1213 — CVSS 5.6 (medium): Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1…
CVE-2005-1551 — CVSS 5.1 (medium): Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may…
CVE-2005-3216 — CVSS 5.1 (medium): Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious…
CVE-2005-4680 — CVSS 5.0 (medium): Sophos Anti-Virus before 4.02, 4.5.x before 4.5.9, 4.6.x before 4.6.9, and 5.x before 5.1.4 allow remote attackers to hide arbitrary files…
CVE-2006-4839 — CVSS 5.0 (medium): Sophos Anti-Virus 5.1 allows remote attackers to cause a denial of service (memory consumption) via a file that is compressed with Petite…
CVE-2005-1530 — CVSS 5.0 (medium): Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by…
CVE-2007-4787 — CVSS 5.0 (medium): The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with…
CVE-2008-3177 — CVSS 5.0 (medium): Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus…
CVE-2004-2088 — CVSS 5.0 (medium): Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where…
CVE-2005-3382 — CVSS 5.0 (medium): Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as…
CVE-2012-1427 — CVSS 4.3 (medium): The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers…
CVE-2012-1428 — CVSS 4.3 (medium): The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers…
CVE-2012-1438 — CVSS 4.3 (medium): The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection…
CVE-2012-1450 — CVSS 4.3 (medium): The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0…
CVE-2012-1456 — CVSS 4.3 (medium): The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware…
CVE-2012-1458 — CVSS 4.3 (medium): The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a…
CVE-2012-1459 — CVSS 4.3 (medium): The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus…