CVE-2007-4787 Information

Description

The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB (2) LZH and (3) RAR files with modified headers which might allow remote attackers to bypass malware detection.

Reference

http://osvdb.org/37988 http://secunia.com/advisories/26726 http://www.securityfocus.com/bid/25574 http://www.sophos.com/support/knowledgebase/article/29146.html http://www.vupen.com/english/advisories/2007/3078 https://exchange.xforce.ibmcloud.com/vulnerabilities/36502