Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sophos Subscribe
Filtered by product Endpoint Security
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-5645 1 Sophos 2 Anti-virus, Endpoint Security 2018-10-17 5.0 MEDIUM N/A
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.
CVE-2006-5646 1 Sophos 2 Anti-virus, Endpoint Security 2011-03-06 5.0 MEDIUM N/A
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.
CVE-2006-5647 1 Sophos 2 Anti-virus, Endpoint Security 2011-03-06 6.4 MEDIUM N/A
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."