Sophos Antivirus contains multiple vulnerabilities including memory corruption issues and design flaws.
Sophos Antivirus contains multiple vulnerabilities including memory corruption issues and design flaws. Tavis Ormandy's security report lists the following vulnerabilities. These vulnerabilities are new and separate from Tavis' 2011 report entitled "Sophail: A Critical Analysis of Sophos Antivirus." [PDF] Additional details are available in Tavis Ormandy's full report entitled, "Sophail: Applied attacks against Sophos Antivirus." [PDF] A response from Sophos has been posted to their blog: "Sophos products and Tavis Ormandy."
Integer overflow parsing Visual Basic 6 controls
An attacker may be able to gain control of the system, escalate privileges, or cause a denial-of-service condition.
Apply an Update
Thanks to Tavis Ormandy for reporting this vulnerability.
This document was written by Jared Allar.
|Date First Published:||2012-11-05|
|Date Last Updated:||2012-11-06 13:17 UTC|