Sophos Anti-Virus UPX and BZIP File Multiple Vulnerabilities

High Nessus Plugin ID 25933


The remote Windows host has an application that is affected by multiple vulnerabilities.


The version of Sophos Anti-Virus installed on the remote host reportedly contains several problems involving the processing of 'UPX' and 'BZIP' files. If a remote attacker can cause a malicious file to be scanned by the affected application, these issues could be leveraged to crash the affected application, fill up space on the disk volume used for Engine temporary files, or possibly even execute arbitrary code.


Update to Sophos Anti-Virus engine version 2.48.0 or later.

See Also

Plugin Details

Severity: High

ID: 25933

File Name: sophos_2_48_0.nasl

Version: $Revision: 1.19 $

Type: local

Agent: windows

Family: Windows

Published: 2007/08/27

Modified: 2016/12/09

Dependencies: 12215

Risk Information

Risk Factor: High


Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:sophos:sophos_anti-virus

Required KB Items: Antivirus/Sophos/installed, Antivirus/Sophos/eng_ver

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2007/08/23

Vulnerability Publication Date: 2007/08/24

Reference Information

CVE: CVE-2007-4577, CVE-2007-4578

BID: 25428

OSVDB: 37986, 37987

CWE: 189, 399