Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Sophos_anti-virus | Sophos | 3.4.6 (including) | 3.4.6 (including) |
| Sophos_anti-virus | Sophos | 3.78 (including) | 3.78 (including) |
| Sophos_anti-virus | Sophos | 3.78d (including) | 3.78d (including) |
| Sophos_anti-virus | Sophos | 3.79 (including) | 3.79 (including) |
| Sophos_anti-virus | Sophos | 3.80 (including) | 3.80 (including) |
| Sophos_anti-virus | Sophos | 3.81 (including) | 3.81 (including) |
| Sophos_anti-virus | Sophos | 3.82 (including) | 3.82 (including) |
| Sophos_anti-virus | Sophos | 3.83 (including) | 3.83 (including) |
| Sophos_anti-virus | Sophos | 3.84 (including) | 3.84 (including) |
| Sophos_anti-virus | Sophos | 3.85 (including) | 3.85 (including) |
| Sophos_anti-virus | Sophos | 3.86 (including) | 3.86 (including) |
| Sophos_anti-virus | Sophos | 3.90 (including) | 3.90 (including) |
| Sophos_anti-virus | Sophos | 3.91 (including) | 3.91 (including) |
| Sophos_anti-virus | Sophos | 3.95 (including) | 3.95 (including) |
| Sophos_anti-virus | Sophos | 4.5.3 (including) | 4.5.3 (including) |
| Sophos_anti-virus | Sophos | 5.0.1 (including) | 5.0.1 (including) |
| Sophos_anti-virus | Sophos | 5.0.4 (including) | 5.0.4 (including) |