Sophos Anti-Virus UPX and BZIP File Multiple Vulnerabilities

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by
multiple vulnerabilities.

Description :

The version of Sophos Anti-Virus installed on the remote host
reportedly contains several problems involving the processing of 'UPX'
and 'BZIP' files. If a remote attacker can cause a malicious file to
be scanned by the affected application, these issues could be
leveraged to crash the affected application, fill up space on the disk
volume used for Engine temporary files, or possibly even execute
arbitrary code.

See also :

http://seclists.org/bugtraq/2007/Aug/412
http://seclists.org/bugtraq/2007/Aug/437
http://seclists.org/bugtraq/2007/Sep/22
http://www.sophos.com/support/knowledgebase/article/28407.html

Solution :

Update to Sophos Anti-Virus engine version 2.48.0 or later.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25933 ()

Bugtraq ID: 25428

CVE ID: CVE-2007-4577
CVE-2007-4578

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now