CVE-2007-4578 - Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a de

CVE-2007-4578

Summary

Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.

References

Vulnerable Configurations

cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.78:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.79:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.80:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.81:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.82:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.83:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.84:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.85:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.86:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.90:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.91:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.95:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.03:*:linux:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.03:*:linux:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.04:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.05:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.9:*:linux:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.0.9:*:linux:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*
cpe:2.3:a:sophos:anti-virus:6.5:*:*:*:*:*:*:*
cpe:2.3:a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*
cpe:2.3:a:sophos:scanning_engine:2.40.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:scanning_engine:2.40.2:*:*:*:*:*:*:*
cpe:2.3:a:sophos:small_business_suite:4.04:*:*:*:*:*:*:*
cpe:2.3:a:sophos:small_business_suite:4.04:*:*:*:*:*:*:*
cpe:2.3:a:sophos:small_business_suite:4.05:*:*:*:*:*:*:*
cpe:2.3:a:sophos:small_business_suite:4.05:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 15-10-2018 - 21:36)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	25428
bugtraq	20070824 n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory 20070827 RE: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory 20070827 Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory
confirm	http://www.sophos.com/support/knowledgebase/article/28407.html
misc	http://www.nruns.com/security_advisory_sophos_upx_infinite_loop_dos.php
sectrack	1018608
secunia	26580
sreason	3072
vupen	ADV-2007-2972

Last major update

15-10-2018 - 21:36

Published

28-08-2007 - 18:17

Last modified

15-10-2018 - 21:36