Security vulnerabilities found and fixed.
Two separate flaws have been reported in
Sophos
‘s anti-virus engine, affecting most of its product range and allowing security bypass and possible cross-site scripting.
The more serious flaw, which involves passing possibly dangerous content into the product’s log file via a specially crafted filename, is labelled ‘Moderately Critical’ by
Secunia
and could be exploited to run exploit code when trying to print the logs. The second flaw, an archive handling vulnerability affecting scanning of CAB, LZH and RAR files, could prevent the product from scanning specially crafted archives, and is considered a much less serious threat.
Both problems have been fixed in recent updates, which should be applied automatically in most cases, and users are as usual advised to ensure they are running the latest versions and patches. Summaries of the issues can be found at
Secunia
here
and
here
, with more detail from
Sophos
here
and
here
.
Posted on 10 September 2007 by
Virus Bulletin
Leave a Reply