iViZ Security

Security Advisories

Sophos Antivirus for Linux


Sophos Antivirus deterministically crashes (segmentation fault) when analyzing corrupted packed files for multiple packers : armadillo, asprotect, asprotectSKE. The same behavior has also been observed when analyzing corrupted CAB files.

Affected Software

Sophos SAVScan 4.33.0 for Linux, possibly others


Remote DoS, possibly remote code execution.

Vendor Response

Vendor acknowledged the problems and will "fix the issues" in the next release.
Fixed in updated version


This vulnerability was discovered by Security Researcher Jonathan Brossard from iViZ Techno Solutions Pvt. Ltd.

Back to Security Advisories