How to Buy
This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
The remote Windows host has an antivirus application that is affected
by multiple vulnerabilities.
According to its version number, the Sophos Anti-Virus installation on
the remote Windows host is affected by multiple vulnerabilities :
- An integer overflow exists when parsing Visual Basic 6
- An ASLR bypass exists in 'sophos_detoured_x64.dll'.
- A universal cross-site scripting vulnerability exists
in the template for the LSP block page.
- A memory corruption issue exists in the Microsoft CAB
- A memory corruption issue exists in the RAR virtual
machine standard filters.
- A privilege escalation vulnerability exists in the
network update service.
- A stack-based buffer overflow issue exists in the PDF
See also :
Upgrade to Sophos Anti-Virus version 10.0.9 / 10.2.1 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Nessus Plugin ID: 62948 ()
Bugtraq ID: 56401
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.