This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote device uses an antivirus program that is affected by
The remote Cisco IronPort appliance has a version of the Sophos
Anti-Virus engine that is 3.2.07.352_4.80 or earlier. It is,
therefore, reportedly affected by the following vulnerabilities :
- An integer overflow exists when parsing Visual Basic 6
- A memory corruption issue exists in the Microsoft CAB
- A memory corruption issue exists in the RAR virtual
machine standard filters.
- A privilege escalation vulnerability exists in the
network update service.
- A stack-based buffer overflow issue exists in the PDF
An unauthenticated, remote attacker could leverage these issues to
gain control of the system, escalate privileges, or cause a denial-of-
See also :
Update to Sophos engine version 3.2.07.363_4.83 as discussed in Cisco
Security Advisory cisco-sa-20121108-sophos.
Risk factor :
High / CVSS Base Score : 9.7
CVSS Temporal Score : 8.0
Public Exploit Available : true
Nessus Plugin ID: 70125 ()
Bugtraq ID: 56401
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.