Users login

Create an account »


Users login

Home » Hacking News » Hacker friendly Sophos products

Hacker friendly Sophos products

by Nikola Strahija on May 11th, 2006 A vulnerability in Sophos anti-virus and computer security products could allow malicious attackers to execute arbitrary code. Good news is that the flaw was patched.

Although this news seems quite funny, the SANS Internet StormCenter gave this vulnerability a critical rating. Sophos is, on their behalf, belittling the danger, stating that no evidence of vulnerability exploit was found.

The advisory on Sophos website says: -A flaw exists within the unpacking of Microsoft Cabinet files. Parsing a specially crafted cabinet file can lead to an exploitable heap corruption. This vulnerability is only exposed when cabinet file inspection is explicitly enabled. Authentication is not required to exploit this vulnerability. This vulnerability could allow a remote attacker to execute arbitrary code on a vulnerable installation of Sophos Anti-Virus.' Seems pretty serious to us, considering that 21 different products and much more versions of Sophos Anti-virus, Pure Message and MailMonitor were vulnerable.

The company has issued a patch and stressed that the flaw didn't have any impact on the performance of the anti-virus product.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »