Vulnerability in Sophos Scanning_engine
CVE-2014-1213
Sophos Anti-Virus engine (SAVi) before 3.50.1, as used in VDL 4.97G 9.7.x before 9.7.9, 10.0.x before 10.0.11, and 10.3.x before 10.3.1 does not set an ACL for certain global and session objects, which allows local users to bypass anti-vir…
EPSS: 0.001 (24.2th percentile) — read the EPSS interpretation.
Affected products
- Sophos Scanning_engine
- Sophos Sophos_anti-virus — versions 10.0.11
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_MISC)
- 20140131 CVE-2014-1213 - Denial of Service in Sophos Anti Virus (mailing-list, x_refsource_BUGTRAQ)
- 20140131 CVE-2014-1213 - Denial of Service in Sophos Anti Virus (mailing-list, x_refsource_FULLDISC)
- 102762 (x_refsource_OSVDB, vdb-entry)
- 1029713 (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_MISC)
- 65286 (vdb-entry, x_refsource_BID)