返回 CVE 浏览器

CVE-2008-6904

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1710%

EPSS Percentile44.23th

Published2009年8月6日

Last Modified2026年4月23日

Vulnerability Description

Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.

Affected Platforms (CPE)

📦

Sophos

Anti Virus

= 4.7.18

📦

Sophos

Anti Virus

= 4.7.18

📦

Sophos

Anti Virus

= 4.9.18

📦

Sophos

Anti Virus

= 4.37.0

📦

Sophos

Anti Virus

= 6.4.5

📦

Sophos

Anti Virus

= 7.0.5

📦

Sophos

Anti Virus7.6.3

All versions

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=122893252316489&w=2

🔗 http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html

🔗 http://www.securityfocus.com/bid/32748

🔗 http://www.sophos.com/support/knowledgebase/article/50611.html

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/52443

🔗 http://marc.info/?l=bugtraq&m=122893252316489&w=2

🔗 http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html

🔗 http://www.securityfocus.com/bid/32748

相关漏洞威胁

CVE-2006-594010.0

Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Intege...

CVE-2005-305710.0

The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers ...

CVE-2006-593810.0

Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a craft...

CVE-2006-640910.0

F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and ...