Vulnerability Details CVE-2005-2768
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.12
EPSS Ranking 93.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=112511873420953&w=2
- http://secunia.com/advisories/16245/
- http://www.rem0te.com/public/images/sophos.pdf
- http://www.securityfocus.com/bid/14362
- http://www.sophos.com/support/knowledgebase/article/3409.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21608
- http://marc.info/?l=bugtraq&m=112511873420953&w=2
- http://secunia.com/advisories/16245/
- http://www.rem0te.com/public/images/sophos.pdf
- http://www.securityfocus.com/bid/14362
- http://www.sophos.com/support/knowledgebase/article/3409.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21608
Products affected by CVE-2005-2768
-
cpe:2.3:a:sophos:sophos_anti-virus:3.4.6
-
cpe:2.3:a:sophos:sophos_anti-virus:3.78
-
cpe:2.3:a:sophos:sophos_anti-virus:3.78d
-
cpe:2.3:a:sophos:sophos_anti-virus:3.79
-
cpe:2.3:a:sophos:sophos_anti-virus:3.80
-
cpe:2.3:a:sophos:sophos_anti-virus:3.81
-
cpe:2.3:a:sophos:sophos_anti-virus:3.82
-
cpe:2.3:a:sophos:sophos_anti-virus:3.83
-
cpe:2.3:a:sophos:sophos_anti-virus:3.84
-
cpe:2.3:a:sophos:sophos_anti-virus:3.85
-
cpe:2.3:a:sophos:sophos_anti-virus:3.86
-
cpe:2.3:a:sophos:sophos_anti-virus:3.90
-
cpe:2.3:a:sophos:sophos_anti-virus:3.91
-
cpe:2.3:a:sophos:sophos_anti-virus:3.95
-
cpe:2.3:a:sophos:sophos_anti-virus:4.5.3
-
cpe:2.3:a:sophos:sophos_anti-virus:5.0.1
-
cpe:2.3:a:sophos:sophos_anti-virus:5.0.4