CVE-2006-5647

Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:endpoint_security:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:20

Type Values Removed Values Added
References () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=451 - () http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=451 -
References () http://secunia.com/advisories/22591 - Vendor Advisory () http://secunia.com/advisories/22591 - Vendor Advisory
References () http://securitytracker.com/id?1017132 - () http://securitytracker.com/id?1017132 -
References () http://www.securityfocus.com/bid/20816 - () http://www.securityfocus.com/bid/20816 -
References () http://www.sophos.com/support/knowledgebase/article/7609.html - () http://www.sophos.com/support/knowledgebase/article/7609.html -
References () http://www.vupen.com/english/advisories/2006/4239 - Vendor Advisory () http://www.vupen.com/english/advisories/2006/4239 - Vendor Advisory

Information

Published : 2006-11-01 15:07

Updated : 2024-11-21 00:20


NVD link : CVE-2006-5647

Mitre link : CVE-2006-5647

CVE.ORG link : CVE-2006-5647


JSON object : View

Products Affected

sophos

  • anti-virus
  • endpoint_security
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer