CVE-2008-6904
Sophos Anti-Virus - Denial of Service via Crafted Packed Files
Title source: llmDescription
Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52443
Various Sources x_refsource_misc
http://www.ivizsecurity.com/security-advisory-iviz-sr-08015.html
Vendor Advisory x_refsource_misc
http://www.sophos.com/support/knowledgebase/article/50611.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=122893252316489&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32748
Scores
EPSS
0.0596
EPSS Percentile
90.8%
Details
Status
published
Products (6)
sophos/anti-virus
4.7.18 (2 CPE variants)
sophos/anti-virus
4.9.18
sophos/anti-virus
4.37.0
sophos/anti-virus
6.4.5
sophos/anti-virus
7.0.5
sophos/anti-virus7.6.3
Published
Aug 06, 2009
Tracked Since
Feb 18, 2026