Vulnerability Description
Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is executed before the antivirus starts on system reboot.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sophos | Sophos Anti-Virus | 3.93 |
References
- http://marc.info/?l=bugtraq&m=111566827411376&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20519
- http://marc.info/?l=bugtraq&m=111566827411376&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20519
FAQ
What is CVE-2005-1551?
CVE-2005-1551 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the fil...
How severe is CVE-2005-1551?
CVE-2005-1551 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1551?
Check the references section above for vendor advisories and patch information. Affected products include: Sophos Sophos Anti-Virus.