Intrusion PreventionSophos.Anti-Virus.CHM.File.Heap.Overflow
Description
This indicates a possible attempt to exploit a buffer overflow vulnerability in Sophos Anti-Virus and Endpoint Security.
This vulnerability is a result of a heap overflow error that occurs when handling malformed CHM files. It can be exploited by attackers to execute arbitrary commands and compromise a vulnerable system, for example by sending an e-mail containing a malicious file to a computer being protected by the application.
Affected Products
Sophos Anti-Virus + Application Control for Windows 2000/XP/2003 versions 6.x
Sophos Anti-Virus for Windows 2000/XP/2003 versions 6.x
Sophos Endpoint Security + Application Control 2000/XP/2003 versions 6.x
Sophos Endpoint Security versions 6.x
Sophos Anti-Virus for Linux (on-access) versions 5.x
Sophos Anti-Virus for AIX (PowerPC) versions 4.x
Sophos Anti-Virus for FreeBSD 6+ versions 4.x
Sophos Anti-Virus for FreeBSD 5.2+ versions 4.x
Sophos Anti-Virus for FreeBSD 3+ versions 4.x
Sophos Anti-Virus for FreeBSD 4.5+ versions 4.x
Sophos Anti-Virus for HP-UX (AMD64, glibc 2.3) versions 4.x
Sophos Anti-Virus for HP-UX (Itanium) versions 4.x
Sophos Anti-Virus for Linux (AMD64, glibc 2.3) versions 4.x
Sophos Anti-Virus for Linux (Intel, libc6) versions 4.x
Sophos Anti-Virus for Linux (Intel, libc6-glibc2.2) versions 4.x
Sophos Anti-Virus for Solaris (SPARC) versions 4.x
Sophos Anti-Virus for Solaris (Intel) versions 4.x
Sophos Anti-Virus for Tru64 UNIX (Alpha) versions 4.x
Sophos Anti-Virus for Windows 95/98/Me versions 4.x
Sophos Anti-Virus for Windows NT/2000/XP versions 4.x
Sophos Anti-Virus for NetWare versions 4.x
Sophos Anti-Virus for Windows NT versions 4.x
Sophos Anti-Virus for Macintosh versions 4.x
Sophos Anti-Virus for OS X versions 4.x
Impact
Denial of service: memory corruption.
Recommended Actions
Apply fixes :
http://www.sophos.com/support/updates
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-02-01 | 14.540 | Name:Sophos. Antivirus. CHM. File. Heap. Overflow:Sophos. Anti-Virus. CHM. File. Heap. Overflow |
| ID | 14254 |
| Created | Mar 06, 2007 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2006-5646 |
| Exploit Prediction Score | 72.42% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |