CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
97.5%
Sophos Anti-Virus 5.0.1, with “Scan inside archive files” enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large ‘Extra field length’ value.
Vendor | Product | Version | CPE |
---|---|---|---|
sophos | sophos_anti-virus | 3.4.6 | cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.78 | cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.78d | cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.79 | cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.80 | cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.81 | cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.82 | cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.83 | cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.84 | cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:* |
sophos | sophos_anti-virus | 3.85 | cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:* |