Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-08-28T18:00:00

Updated: 2024-08-07T15:01:09.611Z

Reserved: 2007-08-28T00:00:00

Link: CVE-2007-4578

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-08-28T18:17:00.000

Modified: 2024-11-21T00:35:56.207

Link: CVE-2007-4578

cve-icon Redhat

No data.