Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.
2005-09-02T23:03:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sophos | sophos_anti-virus | 3.4.6 | Yes |
| Application | sophos | sophos_anti-virus | 3.78 | Yes |
| Application | sophos | sophos_anti-virus | 3.78d | Yes |
| Application | sophos | sophos_anti-virus | 3.79 | Yes |
| Application | sophos | sophos_anti-virus | 3.80 | Yes |
| Application | sophos | sophos_anti-virus | 3.81 | Yes |
| Application | sophos | sophos_anti-virus | 3.82 | Yes |
| Application | sophos | sophos_anti-virus | 3.83 | Yes |
| Application | sophos | sophos_anti-virus | 3.84 | Yes |
| Application | sophos | sophos_anti-virus | 3.85 | Yes |
| Application | sophos | sophos_anti-virus | 3.86 | Yes |
| Application | sophos | sophos_anti-virus | 3.90 | Yes |
| Application | sophos | sophos_anti-virus | 3.91 | Yes |
| Application | sophos | sophos_anti-virus | 3.95 | Yes |
| Application | sophos | sophos_anti-virus | 4.5.3 | Yes |
| Application | sophos | sophos_anti-virus | 5.0.1 | Yes |
| Application | sophos | sophos_anti-virus | 5.0.4 | Yes |