fkie_nvd - fkie_cve-2007-4787

fkie_cve-2007-4787

Vulnerability from fkie_nvd

Published

2007-09-10 21:17

Modified

2024-11-21 00:36

Severity ?

Summary

The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.

References

URL	Tags
cve@mitre.org	http://osvdb.org/37988
cve@mitre.org	http://secunia.com/advisories/26726
cve@mitre.org	http://www.securityfocus.com/bid/25574
cve@mitre.org	http://www.sophos.com/support/knowledgebase/article/29146.html	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3078
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36502
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/37988
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26726
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25574
af854a3a-2127-422b-91ae-364da2661108	http://www.sophos.com/support/knowledgebase/article/29146.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3078
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36502

Impacted products

Vendor	Product	Version
sophos	scanning_engine	2.30.4
sophos	sophos_anti-virus	3.4.6
sophos	sophos_anti-virus	3.78
sophos	sophos_anti-virus	3.78d
sophos	sophos_anti-virus	3.79
sophos	sophos_anti-virus	3.80
sophos	sophos_anti-virus	3.81
sophos	sophos_anti-virus	3.82
sophos	sophos_anti-virus	3.83
sophos	sophos_anti-virus	3.84
sophos	sophos_anti-virus	3.85
sophos	sophos_anti-virus	3.86
sophos	sophos_anti-virus	3.90
sophos	sophos_anti-virus	3.91
sophos	sophos_anti-virus	3.95
sophos	sophos_anti-virus	3.96
sophos	sophos_anti-virus	4.04
sophos	sophos_anti-virus	4.05
sophos	sophos_anti-virus	4.5.3
sophos	sophos_anti-virus	4.5.4
sophos	sophos_anti-virus	4.5.11
sophos	sophos_anti-virus	4.5.12
sophos	sophos_anti-virus	4.7.1
sophos	sophos_anti-virus	4.7.2
sophos	sophos_anti-virus	5.0.1
sophos	sophos_anti-virus	5.0.2
sophos	sophos_anti-virus	5.0.4
sophos	sophos_anti-virus	5.1
sophos	sophos_anti-virus	5.2.0
sophos	sophos_anti-virus	5.2.1
sophos	sophos_anti-virus	6.0
sophos	sophos_anti-virus	6.5
sophos	sophos_anti-virus	6.5.4_r2
sophos	sophos_anti-virus	6.5.8
sophos	sophos_anti-virus	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A092119-BF22-4FDC-8922-4993AEAA1327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
              "matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
              "matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "06164FCF-CC47-406D-8561-DDA797B29673",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "A323A588-59DD-4D89-A224-A6FF7BBD7B37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7CDEAF9-0769-4570-8191-DA368938FDFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A5FB0BA-1F4B-46C3-BE36-65CBD184FBFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "C58081BD-443D-41A7-B21D-A0B6BD3BD3DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB2AEEEC-5F50-42B0-9F04-A608C838FDAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B0A4880-4C6D-45F4-A9E3-45F89565A70E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "04626D03-3B5D-47F6-A07A-743EB1A64AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.5.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "30C4EDD2-C20F-4837-87B5-41C3A0992B20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB106B11-74FD-4CB9-9574-F7F5068E7708",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9292DAA0-12B3-44B8-ADA5-000C310E08B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2852BD18-84FD-43A6-A260-8AEEEA8CCB6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0756438F-DD69-4213-9069-FA613A5D729E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6283405-A087-4CAA-8B7E-9FCA9712C104",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0FB0CD9-91CB-43C5-9CB5-1B3BC665D134",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9096CCF-D46E-48AE-8357-5F06868A3935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7ACD53C-E3D3-4CAE-BA22-A895446DDB58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1D13F9B-8CCB-4560-961D-00C7A2A9AD9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD86E1E2-2CDE-4567-B894-D46F7D30D988",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F38D18C6-4F62-4013-A862-0195AEE82A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:6.5.4_r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1305099-EC14-4D02-9F26-92D5CC1B324C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:6.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "140C2E15-9C9C-4478-8B6F-97B48AD5F9B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sophos:sophos_anti-virus:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA43C43-167B-43CA-A768-B18E2B422D90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection."
    },
    {
      "lang": "es",
      "value": "El motor de detecci\u00f3n de virus en Sophos Anti-Virus anterior a 2.49.0 no procesa adecuadamente los archivos malformados (1) CAB, (2) LZH, y (3) RAR con cabeceras modificadas, lo cual podr\u00eda permitir a atacantes remotos evitar la detecci\u00f3n de c\u00f3digo malicioso."
    }
  ],
  "id": "CVE-2007-4787",
  "lastModified": "2024-11-21T00:36:27.020",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-09-10T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/37988"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/26726"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25574"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.sophos.com/support/knowledgebase/article/29146.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3078"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36502"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/37988"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26726"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.sophos.com/support/knowledgebase/article/29146.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3078"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36502"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2007-4787

Vulnerability from cvelistv5

Published

2007-09-10 21:00

Modified

2024-08-07 15:08