| Vulnerability Name: | CVE-2006-5647 (CCN-29924) | ||||||||
| Assigned: | 2006-10-27 | ||||||||
| Published: | 2006-10-27 | ||||||||
| Updated: | 2011-03-07 | ||||||||
| Summary: | Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk header, aka "CHM name length memory consumption vulnerability." | ||||||||
| CVSS v3 Severity: | 8.2 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H)
| ||||||||
| CVSS v2 Severity: | 6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P) 5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P/E:POC/RL:OF/RC:C)
6.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C/E:POC/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-119 | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-5647 Source: IDEFENSE Type: UNKNOWN 20061208 Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability Source: CCN Type: SA22591 Sophos Anti-Virus RAR and CHM Denial of Service Vulnerabilities Source: SECUNIA Type: Vendor Advisory 22591 Source: CCN Type: SECTRACK ID: 1017132 Sophos Anti-Virus Bugs in Processing Petite Archives, RAR Archives, and CHM Files Let Remote Users Deny Service Source: SECTRACK Type: UNKNOWN 1017132 Source: CCN Type: OSVDB ID: 30114 Sophos Anti-Virus Crafted CHM Chunk Header Handling DoS Source: BID Type: UNKNOWN 20816 Source: CCN Type: BID-20816 Sophos Antivirus Multiple Denial of Service and Memory Corruption Vulnerabilities Source: CCN Type: Sophos Support Knowledgebase Article 17609 Advisory: Vulnerabilities reported by iDefense Source: CONFIRM Type: UNKNOWN http://www.sophos.com/support/knowledgebase/article/7609.html Source: VUPEN Type: Vendor Advisory ADV-2006-4239 Source: XF Type: UNKNOWN sophos-chm-header-dos(29924) Source: CCN Type: iDefense Labs PUBLIC ADVISORY: 12.08.06 Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||