2007-08-28 20:17:00 2018-10-15 23:36:30

Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE
Sophos Anti-virus 6.5 (not an official CPE) Sophos Anti-virus 5.2.1 (not an official CPE) Sophos Anti-virus 5.2 (not an official CPE) Sophos Anti-virus 5.1 (not an official CPE) Sophos Anti-virus 5.0.9 Linux (not an official CPE) Sophos Anti-virus 5.0.9 (not an official CPE) Sophos Anti-virus 5.0.4 (not an official CPE) Sophos Anti-virus 5.0.2 (not an official CPE) Sophos Anti-virus 5.0.1 (not an official CPE) Sophos Anti-virus 4.7.2 (not an official CPE) Sophos Anti-virus 4.7.1 (not an official CPE) Sophos Anti-virus 4.5.12 (not an official CPE) Sophos Anti-virus 4.5.11 (not an official CPE) Sophos Anti-virus 4.5.4 (not an official CPE) Sophos Anti-virus 4.5.3 (not an official CPE) Sophos Anti-virus 4.05 (not an official CPE) Sophos Anti-virus 4.04 (not an official CPE) Sophos Anti-virus 4.03 Linux (not an official CPE) Sophos Anti-virus 3.96.0 (not an official CPE) Sophos Anti-virus 3.95 (not an official CPE) Sophos Anti-virus 3.91 (not an official CPE) Sophos Anti-virus 3.90 (not an official CPE) Sophos Anti-virus 3.86 (not an official CPE) Sophos Anti-virus 3.85 (not an official CPE) Sophos Anti-virus 3.84 (not an official CPE) Sophos Anti-virus 3.83 (not an official CPE) Sophos Anti-virus 3.82 (not an official CPE) Sophos Anti-virus 3.81 (not an official CPE) Sophos Anti-virus 3.80 (not an official CPE) Sophos Anti-virus 3.79 (not an official CPE) Sophos Anti-virus 3.78d (not an official CPE) Sophos Anti-virus 3.78 (not an official CPE) Sophos Anti-virus 3.4.6 (not an official CPE) Sophos Scanning engine 2.30.4 (not an official CPE) Sophos Scanning engine 2.40.2 (not an official CPE) Sophos Small business suite 4.04 (not an official CPE) Sophos Small business suite 4.05 (not an official CPE)