First published: Mon Sep 10 2007(Updated: )
The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sophos Anti-Virus | =4.5.11 | |
Sophos Anti-Virus | =3.96 | |
Sophos Anti-Virus | =5.0.2 | |
Sophos Anti-Virus | =5.2.0 | |
Sophos Anti-Virus | =4.04 | |
Sophos Anti-Virus | =3.83 | |
Sophos Anti-Virus | =6.0 | |
Sophos Anti-Virus | =3.91 | |
Sophos Anti-Virus | =3.80 | |
Sophos Anti-Virus | =3.81 | |
Sophos Anti-Virus | =3.86 | |
Sophos Anti-Virus | =3.78 | |
Sophos Anti-Virus | =5.2.1 | |
Sophos Anti-Virus | =3.82 | |
Sophos Anti-Virus | =3.79 | |
Sophos Anti-Virus | =4.5.3 | |
Sophos Anti-Virus | =4.7.2 | |
Sophos Anti-Virus | =4.7.1 | |
Sophos Anti-Virus | =6.5.8 | |
Sophos Anti-Virus | =3.78d | |
Sophos Anti-Virus | =4.05 | |
Sophos Anti-Virus | =3.90 | |
Sophos Scanning Engine | =2.30.4 | |
Sophos Anti-Virus | =3.4.6 | |
Sophos Anti-Virus | =3.95 | |
Sophos Anti-Virus | =7.0 | |
Sophos Anti-Virus | =6.5 | |
Sophos Anti-Virus | =5.0.1 | |
Sophos Anti-Virus | =4.5.4 | |
Sophos Anti-Virus | =6.5.4_r2 | |
Sophos Anti-Virus | =4.5.12 | |
Sophos Anti-Virus | =3.84 | |
Sophos Anti-Virus | =5.0.4 | |
Sophos Anti-Virus | =5.1 | |
Sophos Anti-Virus | =3.85 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2007-4787 is classified as a medium severity vulnerability due to its potential to allow malware to bypass detection.
To fix CVE-2007-4787, upgrade your Sophos Anti-Virus software to version 2.49.0 or later.
CVE-2007-4787 affects several versions of Sophos Anti-Virus including 3.80, 3.96, 4.5.x, 5.0.x, and 6.0.
CVE-2007-4787 exploits malformed CAB, LZH, and RAR files with modified headers.
Yes, CVE-2007-4787 allows remote attackers to exploit the vulnerability to bypass malware detection.