CVE-2006-0994

CVE-2006-0994 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allows remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption.

Learn more about our Cis Benchmark Audit For Sophos.