CVE-2006-5646: Buffer Overflow

First published: Wed Nov 01 2006(Updated: )

Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• collector/nvd-index
• agent/weakness
• agent/type
• agent/event
• agent/severity
• agent/references
• agent/author
• agent/description
• agent/tags
• agent/softwarecombine
• agent/first-publish-date
• agent/last-modified-date
• vendor/sophos
• canonical/sophos anti-virus
• version/sophos anti-virus/4.04
• version/sophos anti-virus/5.2
• version/sophos anti-virus/5.0.2
• version/sophos anti-virus/4.5.12
• canonical/sophos endpoint security
• version/sophos endpoint security/6.04
• version/sophos anti-virus/4.5.11
• version/sophos anti-virus/4.7.1
• version/sophos anti-virus/4.7.2
• version/sophos anti-virus/5.0.4
• version/sophos anti-virus/5.2.1
• version/sophos anti-virus/4.05
• version/sophos anti-virus/4.5.3
• version/sophos anti-virus/4.5.4
• version/sophos anti-virus/6.0.4
• version/sophos anti-virus/5.1
• version/sophos anti-virus/5.0.1