Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-1213

Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-virus protection, cause a denial of service (resource consumption, CPU consumption, and eventual crash) or spoof "ready for update" messages by performing certain operations on mutexes or events including (1) DataUpdateRequest, (2) MmfMutexSAV-****, (3) MmfMutexSAV-Info, (4) ReadyForUpdateSAV-****, (5) ReadyForUpdateSAV-Info, (6) SAV-****, (7) SAV-Info, (8) StateChange, (9) SuspendedSAV-****, (10) SuspendedSAV-Info, (11) UpdateComplete, (12) UpdateMutex, (13) UpdateRequest, or (14) SophosALMonSessionInstance, as demonstrated by triggering a ReadyForUpdateSAV event and modifying the UpdateComplete, UpdateMutex, and UpdateRequest objects.

Published

2014-02-10T23:55:05.057

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.6 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

7.8

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sophos	scanning_engine	≤ 3.48	Yes
Application	sophos	sophos_anti-virus	10.0.11	Yes

References

http://osvdb.org/102762 ([email protected])
http://packetstormsecurity.com/files/125024/Sophos-Anti-Virus-Denial-Of-Service.html ([email protected])
http://seclists.org/fulldisclosure/2014/Feb/1 ([email protected])
http://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1213/ ([email protected])
http://www.securityfocus.com/archive/1/530915/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/65286 ([email protected])
http://www.securitytracker.com/id/1029713 ([email protected])
http://www.sophos.com/en-us/support/knowledgebase/2300/7200/1031/120401.aspx ([email protected])
http://osvdb.org/102762 (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/125024/Sophos-Anti-Virus-Denial-Of-Service.html (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2014/Feb/1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1213/ (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/530915/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/65286 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1029713 (af854a3a-2127-422b-91ae-364da2661108)
http://www.sophos.com/en-us/support/knowledgebase/2300/7200/1031/120401.aspx (af854a3a-2127-422b-91ae-364da2661108)