Sophos Anti-Virus ZIP Archive HTML Injection Vulnerability

Bugtraq ID:	25572
Class:	Input Validation Error
CVE:	CVE-2007-4512
Remote:	Yes
Local:	No
Published:	Sep 06 2007 12:00AM
Updated:	Sep 06 2007 08:21PM
Credit:	Context Information Security Ltd is credited with the discovery of this vulnerability.
Vulnerable:	Sophos Anti-Virus 6.5.4 R2 Sophos Anti-Virus 7.0
Not Vulnerable:	Sophos Anti-Virus 6.5.8 Sophos Anti-Virus 7.01

Sophos Anti-Virus ZIP Archive HTML Injection Vulnerability

Sophos Anti-Virus is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting this issue may allow an attacker to execute HTML and script code in the context of the user running the affected application.

This issue affects Sophos Anti-Virus 6.5.4 R2; earlier versions may also be vulnerable.

Sophos Anti-Virus ZIP Archive HTML Injection Vulnerability

An attacker can exploit this issue by sending a specially crafted ZIP archive to an unsuspecting victim.

Sophos Anti-Virus ZIP Archive HTML Injection Vulnerability

Solution:
The vendor has released an update to address this issue. Contact the vendor for details on obtaining and applying the appropriate updates.

Sophos Anti-Virus ZIP Archive HTML Injection Vulnerability

References:

• Sophos Anti-Virus Home Page (Sophos)
  
• Sophos Anti-Virus 6.5.4 Vulnerability (Context Information Security)
  
• Advisory: Sophos Anti-Virus Cross-site script vulnerability reported (Sophos)