Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a Bzip2 archive with a large 'Extra field length' value.
Link | Tags |
---|---|
http://www.securityfocus.com/bid/14270 | exploit vdb entry patch |
http://www.idefense.com/application/poi/display?id=283&type=vulnerabilities&flashstatus=true | third party advisory patch vendor advisory |
http://securitytracker.com/id?1014488 | vdb entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/21373 | vdb entry |