First published: Wed May 10 2006
Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allow remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sophos Anti-Virus | >4.00<4.05 | |
Sophos Anti-Virus | >=5.0.0<5.2.1 | |
CVE-2006-0994 is considered a high-severity vulnerability due to its potential to allow remote code execution.
To fix CVE-2006-0994, upgrade to Sophos Anti-Virus version 5.2.1 or later, or 4.05 or later.
CVE-2006-0994 affects multiple versions of Sophos Anti-Virus, specifically versions prior to 5.2.1 and 4.05.
CVE-2006-0994 is a vulnerability that allows remote attackers to execute arbitrary code through specially crafted CAB files.
Yes, enabling cabinet file inspection increases the risk, as it can lead to heap corruption if exploited.
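The advisory does not say which folder count values triggered the bug, so the following added example (not Sophos code and not from this page) shows only the general defensive check a CAB parser can make before allocating anything: that the header's `cFolders` field is consistent with the bytes actually present. The field layout is the published Microsoft Cabinet `CFHEADER`/`CFFOLDER` layout; `check_folder_count` and `build_sample` are hypothetical names, and the sample cabinet is constructed.

```python
import struct

CFHEADER = struct.Struct("<4sIIIIIBBHHHHH")   # fixed 36-byte CFHEADER
CFFOLDER_SIZE = 8                              # coffCabStart, cCFData, typeCompress
FLAG_PREV, FLAG_NEXT, FLAG_RESERVE = 0x1, 0x2, 0x4

def check_folder_count(data: bytes) -> list:
    """Return the inconsistencies found; an empty list means the count fits."""
    if len(data) < CFHEADER.size:
        return ["truncated header"]
    (sig, _, cb_cabinet, _, coff_files, _, _, _,
     c_folders, _, flags, _, _) = CFHEADER.unpack_from(data)
    if sig != b"MSCF":
        return ["not a cabinet file"]
    pos, folder_reserve = CFHEADER.size, 0
    if flags & FLAG_RESERVE:                   # optional header/folder reserve areas
        if len(data) < pos + 4:
            return ["truncated reserve fields"]
        cb_header, folder_reserve, _ = struct.unpack_from("<HBB", data, pos)
        pos += 4 + cb_header
    for flag in (FLAG_PREV, FLAG_NEXT):        # skip NUL-terminated cabinet/disk names
        for _ in range(2 if flags & flag else 0):
            end = data.find(b"\0", pos)
            if end < 0:
                return ["unterminated cabinet name"]
            pos = end + 1
    problems = []
    # Space the declared folder table needs, computed before any allocation.
    folders_end = pos + c_folders * (CFFOLDER_SIZE + folder_reserve)
    if c_folders == 0:
        problems.append("cFolders is zero")
    if cb_cabinet > len(data):
        problems.append("cbCabinet exceeds the bytes present")
    if folders_end > min(coff_files, len(data)):
        problems.append("folder table overruns coffFiles or the file")
    return problems

def build_sample(c_folders: int) -> bytes:
    """Constructed 62-byte cabinet skeleton: one CFFOLDER, one CFFILE, no data."""
    body = struct.pack("<IHH", 62, 0, 0)                       # CFFOLDER
    body += struct.pack("<IIHHHH", 0, 0, 0, 0, 0, 0) + b"a\0"  # CFFILE
    return CFHEADER.pack(b"MSCF", 0, 62, 0, 44, 0, 3, 1,
                         c_folders, 1, 0, 0, 0) + body

if __name__ == "__main__":
    for n in (1, 0, 0xFFFF):
        print(n, check_folder_count(build_sample(n)))
```

A scanner or mail gateway can reject or quarantine any file for which this returns a non-empty list instead of handing it to the decompressor.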