Sophos bugs
by Nikola Strahija on August 1st, 2005 Users of Sophos’s anti-virus products have been warned this week of potentially serious security vulnerability.
The bug revealed by security researcher Alex Wheeler involves an unspecified heap-based buffer overflow vulnerability. The cross-platform flaw applies to Sophos Anti-Virus Small Business Edition and in version 3.x and 4.x of its main Sophos Anti-Virus product.
Sophos is calms possible security concerns. -Although theoretically a risk, Sophos has not seen any examples of malware attempting to exploit this vulnerability, it said.
The company has released updates for Sophos Anti-Virus (3.96.0 and 4.5.4) that include a security fix. An update for Windows versions of Sophos Anti-Virus Small Business Edition is due Friday with updates for the software on other platforms due within the next two weeks.