| Vulnerability Name: | CVE-2006-6335 (CCN-30851) | ||||||||
| Assigned: | 2006-12-12 | ||||||||
| Published: | 2006-12-12 | ||||||||
| Updated: | 2018-10-17 | ||||||||
| Summary: | Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll. | ||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6335 Source: CCN Type: SA23325 Sophos Anti-Virus SIT/CPIO File Processing Vulnerabilities Source: SECUNIA Type: UNKNOWN 23325 Source: BUGTRAQ Type: UNKNOWN 20061212 ZDI-06-045: Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability Source: BUGTRAQ Type: UNKNOWN 20061212 ZDI-06-046: Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability Source: BID Type: UNKNOWN 21563 Source: CCN Type: BID-21563 Sophos Anti-Virus Scanning Engine Veex.DLL Multiple Buffer Overflow Vulnerabilities Source: CCN Type: Sophos Support Knowledgebase Article 17340 Sophos Anti-Virus: scanning vulnerability identified Source: CONFIRM Type: Vendor Advisory http://www.sophos.com/support/knowledgebase/article/17340.html Source: CONFIRM Type: Vendor Advisory http://www.sophos.com/support/knowledgebase/article/21637.html Source: VUPEN Type: UNKNOWN ADV-2006-4919 Source: MISC Type: Patch, Vendor Advisory http://www.zerodayinitiative.com/advisories/ZDI-06-045.html Source: MISC Type: Patch, Vendor Advisory http://www.zerodayinitiative.com/advisories/ZDI-06-046.html Source: XF Type: UNKNOWN sophos-cpio-bo(30851) Source: XF Type: UNKNOWN sophos-cpio-bo(30851) Source: XF Type: UNKNOWN sophos-sit-bo(30852) Source: CCN Type: ZDI-06-045 Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| Vulnerability Name: | CVE-2006-6335 (CCN-30852) | ||||||||
| Assigned: | 2006-12-12 | ||||||||
| Published: | 2006-12-12 | ||||||||
| Updated: | 2006-12-12 | ||||||||
| Summary: | Multiple Sophos Anti-Virus products are vulnerable to a heap-based buffer overflow, caused by improper handling of SIT archives by the virus engine. By sending a specially-crafted SIT archive containing an overly long non-null terminated filename to a vulnerable system, a remote attacker could overflow a buffer and execute arbitrary code on the system, once the file is processed. | ||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6335 Source: CCN Type: SA23325 Sophos Anti-Virus SIT/CPIO File Processing Vulnerabilities Source: CCN Type: BID-21563 Sophos Anti-Virus Scanning Engine Veex.DLL Multiple Buffer Overflow Vulnerabilities Source: CCN Type: Sophos Support Knowledgebase Article 21637 Sophos Anti-Virus: SIT file vulnerability identified Source: XF Type: UNKNOWN sophos-sit-bo(30852) Source: CCN Type: ZDI-06-046 Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability | ||||||||
| BACK | |||||||||