Back to CVE Browser

CVE-2008-6904

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1710%

EPSS Percentile44.23th

PublishedAug 6, 2009

Last ModifiedApr 23, 2026

Vulnerability Description

Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.

Affected Platforms (CPE)

📦

Sophos

Anti Virus

= 4.7.18

📦

Sophos

Anti Virus

= 4.7.18

📦

Sophos

Anti Virus

= 4.9.18

📦

Sophos

Anti Virus

= 4.37.0

📦

Sophos

Anti Virus

= 6.4.5

📦

Sophos

Anti Virus

= 7.0.5

📦

Sophos

Anti Virus7.6.3

All versions

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=122893252316489&w=2

🔗 http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html

🔗 http://www.securityfocus.com/bid/32748

🔗 http://www.sophos.com/support/knowledgebase/article/50611.html

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/52443

🔗 http://marc.info/?l=bugtraq&m=122893252316489&w=2

🔗 http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html

🔗 http://www.securityfocus.com/bid/32748

Related Vulnerabilities

CVE-2006-594010.0

Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Intege...

CVE-2005-305710.0

The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers ...

CVE-2006-593810.0

Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a craft...

CVE-2006-640910.0

F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and ...