Critical vulnerability found in Sophos antivirus product


Antivirus software firm Sophos PLC usually issues advisories about software vulnerabilities and threats in third-party products. This week the company warned enterprises of a vulnerability affecting a wide range of its own products.

The vulnerability exists in the way in which Sophos’ software handles Microsoft cabinet files (CAB), which are compressed collections of files, according to a statement from Sophos.

The SANS Internet StormCenter called the vulnerability a critical one because of its potential to be exploited remotely. Critical vulnerability found in Sophos antivirus product

Linked by shanmuga Thursday, 11th May 2006 8:13AM