cve-2007-4577
Vulnerability from cvelistv5
Published
2007-08-28 18:00
Modified
2024-08-07 15:01
Severity ?
EPSS score ?
Summary
Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:01:09.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-2972",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"name": "25428",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26580"
},
{
"name": "3073",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "20070824 n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"name": "1018608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018608"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a \"BZip bomb\")."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-2972",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"name": "25428",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26580"
},
{
"name": "3073",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "20070824 n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"name": "1018608",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018608"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a \"BZip bomb\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2972",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2972"
},
{
"name": "25428",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25428"
},
{
"name": "26580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26580"
},
{
"name": "3073",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3073"
},
{
"name": "http://www.sophos.com/support/knowledgebase/article/28407.html",
"refsource": "CONFIRM",
"url": "http://www.sophos.com/support/knowledgebase/article/28407.html"
},
{
"name": "20070824 n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477727/100/0/threaded"
},
{
"name": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php"
},
{
"name": "1018608",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018608"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4577",
"datePublished": "2007-08-28T18:00:00",
"dateReserved": "2007-08-28T00:00:00",
"dateUpdated": "2024-08-07T15:01:09.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E45839C3-4753-4D22-8FA7-9B0DF6C93414\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DF9F90F-3E38-496F-A84A-45FC60B7613E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A27F909C-E84F-466F-BB40-D43A0570B9C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76354221-841C-443C-921A-6242BF875918\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"245520DD-FDA3-4470-94C9-4A351D028BF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"147AF135-4638-4015-B1C1-411611C3FC86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BAAFDEA-B08E-4BA9-9333-DFDC35B00D71\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4E27696-23CE-4ADD-9859-B0CB1DF02E16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44F9357C-2CFC-4866-8D22-E5BE48182D98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19A98770-8AF2-4B2D-9783-8E2B01D631E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30136876-3778-4C3A-9CE3-0440588594A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39972E3A-B377-44DC-B16B-AA6E7ECCE29D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58B3AE9A-2337-4225-8C1B-87933EE99E18\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5922BAB-7DF5-4F65-AC6E-038900B79396\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5816EC94-1005-4467-825A-6BB43525FE43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.03:*:linux:*:*:*:*:*\", \"matchCriteriaId\": \"DD24F0C5-CB2B-4C67-BD0E-34A1C6358618\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"799249AD-3E8A-4584-A680-A3E618B5372D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"587205B1-322E-478D-9B46-8F20F371C87C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9B6B5D4-E335-4377-8D98-87656522D056\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ED1228F-0733-42D9-853A-B1EB4EB20A91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"136B6228-D71B-4985-B555-5ABC38EF2B42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4518D58D-BD49-4E02-AB93-B1B45B774F2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A398BC60-0F67-4A32-A6CD-F3410D81834F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55D2CFB6-F135-40B5-ACF8-D6513C0AB682\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B781BEA-E3D6-4260-913F-99D46DCC97D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D7952D2-2FE4-44E3-B964-976964CFFB3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"05361082-2A61-40D9-9EEE-6ED3C032FB22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.0.9:*:linux:*:*:*:*:*\", \"matchCriteriaId\": \"98A094D5-C2AD-4DFE-A088-0011268BB65C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE7CC4E8-C039-4895-A3EF-BF1927266744\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"41FAD883-919D-4719-A964-C93F40EE658D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A092119-BF22-4FDC-8922-4993AEAA1327\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:scanning_engine:2.40.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4E7AE52-0978-4EBB-8177-CCF792B98DAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:small_business_suite:4.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B8657D5-7DB2-428D-9125-B3BC4D5F2263\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sophos:small_business_suite:4.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"190B0808-8ABD-499C-8A84-7B630BB1E2E0\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a \\\"BZip bomb\\\").\"}, {\"lang\": \"es\", \"value\": \"Sophos Anti-Virus para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (bucle infinito) mediante un archivo BZip mal formado que resulta en la creaci\\u00f3n de m\\u00faltiples ficheros Engine temporales (tambi\\u00e9n conocida como \\\"bomba BZip\\\").\"}]",
"id": "CVE-2007-4577",
"lastModified": "2024-11-21T00:35:56.053",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2007-08-28T18:17:00.000",
"references": "[{\"url\": \"http://secunia.com/advisories/26580\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3073\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1018608\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/477727/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/25428\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.sophos.com/support/knowledgebase/article/28407.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2972\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/26580\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/3073\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1018608\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/477727/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/25428\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.sophos.com/support/knowledgebase/article/28407.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2972\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}, {\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2007-4577\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-08-28T18:17:00.000\",\"lastModified\":\"2024-11-21T00:35:56.053\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a \\\"BZip bomb\\\").\"},{\"lang\":\"es\",\"value\":\"Sophos Anti-Virus para Unix/Linux anterior a 2.48.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) mediante un archivo BZip mal formado que resulta en la creaci\u00f3n de m\u00faltiples ficheros Engine temporales (tambi\u00e9n conocida como \\\"bomba BZip\\\").\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"},{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E45839C3-4753-4D22-8FA7-9B0DF6C93414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DF9F90F-3E38-496F-A84A-45FC60B7613E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A27F909C-E84F-466F-BB40-D43A0570B9C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76354221-841C-443C-921A-6242BF875918\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"245520DD-FDA3-4470-94C9-4A351D028BF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"147AF135-4638-4015-B1C1-411611C3FC86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BAAFDEA-B08E-4BA9-9333-DFDC35B00D71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4E27696-23CE-4ADD-9859-B0CB1DF02E16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F9357C-2CFC-4866-8D22-E5BE48182D98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19A98770-8AF2-4B2D-9783-8E2B01D631E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30136876-3778-4C3A-9CE3-0440588594A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39972E3A-B377-44DC-B16B-AA6E7ECCE29D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B3AE9A-2337-4225-8C1B-87933EE99E18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5922BAB-7DF5-4F65-AC6E-038900B79396\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5816EC94-1005-4467-825A-6BB43525FE43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.03:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"DD24F0C5-CB2B-4C67-BD0E-34A1C6358618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D9D6E1E-9FA4-4BA1-8648-2E1A6A8FC4CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"799249AD-3E8A-4584-A680-A3E618B5372D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"587205B1-322E-478D-9B46-8F20F371C87C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9B6B5D4-E335-4377-8D98-87656522D056\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ED1228F-0733-42D9-853A-B1EB4EB20A91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"136B6228-D71B-4985-B555-5ABC38EF2B42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4518D58D-BD49-4E02-AB93-B1B45B774F2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A398BC60-0F67-4A32-A6CD-F3410D81834F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D2CFB6-F135-40B5-ACF8-D6513C0AB682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B781BEA-E3D6-4260-913F-99D46DCC97D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D7952D2-2FE4-44E3-B964-976964CFFB3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05361082-2A61-40D9-9EEE-6ED3C032FB22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.0.9:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"98A094D5-C2AD-4DFE-A088-0011268BB65C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0AF1DE9-A0A1-4193-9AD9-56BF39F3557A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE7CC4E8-C039-4895-A3EF-BF1927266744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E8DF83-4F1B-4E4C-A613-EF0C4502FA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41FAD883-919D-4719-A964-C93F40EE658D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A092119-BF22-4FDC-8922-4993AEAA1327\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:scanning_engine:2.40.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4E7AE52-0978-4EBB-8177-CCF792B98DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:small_business_suite:4.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8657D5-7DB2-428D-9125-B3BC4D5F2263\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sophos:small_business_suite:4.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"190B0808-8ABD-499C-8A84-7B630BB1E2E0\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/26580\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3073\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1018608\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/477727/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/25428\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.sophos.com/support/knowledgebase/article/28407.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2972\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/26580\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1018608\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/477727/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/25428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.sophos.com/support/knowledgebase/article/28407.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.