This script is Copyright (C) 2014 Tenable Network Security, Inc.
An antivirus application on the remote Windows host is affected by a
denial of service vulnerability.
The Sophos Anti-Virus install on the remote host uses an engine version
earlier than 3.50.1. As such, it reportedly has a misconfigured Access
Control List (ACL) on certain system objects that could allow a local
attacker to cause the host to become sluggish and eventually crash, or
display false 'ready for update' message popups.
See also :
Upgrade to Sophos Anti-Virus engine version 3.50.1 or later.
Risk factor :
Medium / CVSS Base Score : 4.9
CVSS Temporal Score : 3.8
Public Exploit Available : true
Nessus Plugin ID: 72337 ()
Bugtraq ID: 65286
CVE ID: CVE-2014-1213
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.