CVE-2008-6904

Published Aug 6, 2009

Last updated 10 days ago

CVSS info 10.0

Overview

Description: Multiple unspecified vulnerabilities in Sophos SAVScan 4.33.0 for Linux, and possibly other products and versions, allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via crafted files that have been packed with (1) armadillo, (2) asprotect, or (3) asprotectSKE.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows-nt:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1BEF5DD-8418-4C76-9351-ACD3ED25236E"
          },
          {
            "criteria": "cpe:2.3:a:sophos:anti-virus:4.7.18:*:windows_9x:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A15CB3E6-A97F-491B-B27E-E4AF255E0088"
          },
          {
            "criteria": "cpe:2.3:a:sophos:anti-virus:4.9.18:*:os_x:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E61D3204-DE1E-489E-9624-DD02F1B58F95"
          },
          {
            "criteria": "cpe:2.3:a:sophos:anti-virus:4.37.0:*:netware:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77FF9B2E-2A38-4A13-AA20-83081A5D9AF4"
          },
          {
            "criteria": "cpe:2.3:a:sophos:anti-virus:6.4.5:*:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "550B1595-4C9F-412C-B903-DDD8202C1F4F"
          },
          {
            "criteria": "cpe:2.3:a:sophos:anti-virus:7.0.5:*:unix:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52F3B857-84EC-4FB8-A332-B7B81BCEB28C"
          },
          {
            "criteria": "cpe:2.3:a:sophos:anti-virus7.6.3:*:windows:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98EFEFC0-92AC-43A6-A072-B6AD2D4B0984"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References