Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Sophos Anti-Virus for Windows 6.x before 6.5.8 and 7.x before 7.0.1 allows remote attackers to inject arbitrary web script or HTML via an archive with a file that matches a virus signature and has a crafted filename that is not properly handled by the print function in SavMain.exe.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sophos Anti-Virus ZIP文档处理跨站脚本漏洞
Vulnerability Description
Sophos Anti-Virus是英国Sophos公司的一套适用于多种操作系统的反病毒软件。该软件可实时侦测和清除病毒、间谍软件、木马和蠕虫,确保台式机和笔记本电脑的全面网络保护。 如果ZIP文档中的病毒特征包含有畸形文件名的话,就可能在Sophos AntiVirus客户端触发跨站脚本漏洞。当Sophos anti-virus扫描到该ZIP文档时,会内部记录下可导致跨站脚本的畸形字符串,之后在通过Sophos客户端(SavMain.exe)访问这些信息时,就会解码跨站脚本攻击的字符串,导致在用户机器上
CVSS Information
N/A
Vulnerability Type
N/A