CVE-2007-4787
Sophos Anti-Virus < 2.49.0 - Malware Detection Bypass via Malformed CAB, LZH, or RAR Headers
Title source: llmDescription
The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25574
Patch x_refsource_confirm
http://www.sophos.com/support/knowledgebase/article/29146.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37988
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36502
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3078
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26726
Scores
EPSS
0.0363
EPSS Percentile
88.0%
Details
CWE
CWE-20
Status
published
Products (35)
sophos/scanning_engine
2.30.4
sophos/sophos_anti-virus
3.4.6
sophos/sophos_anti-virus
3.78
sophos/sophos_anti-virus
3.78d
sophos/sophos_anti-virus
3.79
sophos/sophos_anti-virus
3.80
sophos/sophos_anti-virus
3.81
sophos/sophos_anti-virus
3.82
sophos/sophos_anti-virus
3.83
sophos/sophos_anti-virus
3.84
... and 25 more
Published
Sep 10, 2007
Tracked Since
Feb 18, 2026